diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-07-25 21:15:09 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-07-25 21:15:09 +0000 |
| commit | b81149fa47edf38ebe2ed56e0653d3582cd96f91 (patch) | |
| tree | d6cbde6e5952a0c91bddb2f6d86c8acb2f90df65 | |
| parent | 130b71d121f4fd10a77fd254d87ddb8f8aedb496 (diff) | |
| download | redmine-b81149fa47edf38ebe2ed56e0653d3582cd96f91.tar.gz redmine-b81149fa47edf38ebe2ed56e0653d3582cd96f91.zip | |
Remove autologin cookie on unverified request.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6316 e93f8b46-1217-0410-a6f0-8f06a7374b81
| -rw-r--r-- | app/controllers/application_controller.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index bfed52d84..1a9eb16d7 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -27,7 +27,10 @@ class ApplicationController < ActionController::Base exempt_from_layout 'builder', 'rsb' protect_from_forgery - + def handle_unverified_request + super + cookies.delete(:autologin) + end # Remove broken cookie after upgrade from 0.8.x (#4292) # See https://rails.lighthouseapp.com/projects/8994/tickets/3360 # TODO: remove it when Rails is fixed |