Sets forgery protection filter first.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6315 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2011-07-25 21:02:27 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2011-07-25 21:02:27 +0000
commit: 130b71d121f4fd10a77fd254d87ddb8f8aedb496 (patch)
tree: 3ad91204d4fc7764c8bccfea2b461606c6a5ba0d
parent: 9cebf65568f9c0867b546c213db47346a73b9d09 (diff)
download: redmine-130b71d121f4fd10a77fd254d87ddb8f8aedb496.tar.gz
redmine-130b71d121f4fd10a77fd254d87ddb8f8aedb496.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index cf9a849bc..bfed52d84 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -25,6 +25,8 @@ class ApplicationController < ActionController::Base
 
   layout 'base'
   exempt_from_layout 'builder', 'rsb'
+  
+  protect_from_forgery
 
   # Remove broken cookie after upgrade from 0.8.x (#4292)
   # See https://rails.lighthouseapp.com/projects/8994/tickets/3360
@@ -40,7 +42,6 @@ class ApplicationController < ActionController::Base
 
   before_filter :user_setup, :check_if_login_required, :set_localization
   filter_parameter_logging :password
-  protect_from_forgery
 
   rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token
   rescue_from ::Unauthorized, :with => :deny_access
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2011-07-25 21:02:27 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2011-07-25 21:02:27 +0000
commit	130b71d121f4fd10a77fd254d87ddb8f8aedb496 (patch)
tree	3ad91204d4fc7764c8bccfea2b461606c6a5ba0d
parent	9cebf65568f9c0867b546c213db47346a73b9d09 (diff)
download	redmine-130b71d121f4fd10a77fd254d87ddb8f8aedb496.tar.gz redmine-130b71d121f4fd10a77fd254d87ddb8f8aedb496.zip