diff options
| author | Marius Balteanu <marius.balteanu@zitec.com> | 2023-12-21 06:47:32 +0000 |
|---|---|---|
| committer | Marius Balteanu <marius.balteanu@zitec.com> | 2023-12-21 06:47:32 +0000 |
| commit | 539d0f867e3b6f4b9a2b419cd8c70b6329fb9a44 (patch) | |
| tree | fe459a6ba06f8af0d8ac4d8d683cfa39abcfd7e8 /app | |
| parent | 4460861233856e274d12fe542ef936bf7cea0c25 (diff) | |
| download | redmine-539d0f867e3b6f4b9a2b419cd8c70b6329fb9a44.tar.gz redmine-539d0f867e3b6f4b9a2b419cd8c70b6329fb9a44.zip | |
Explicitly render a 404 on non-JS requests to @watchers#new@ (#39894).
Patch by @hjust.
git-svn-id: https://svn.redmine.org/redmine/trunk@22538 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/watchers_controller.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/app/controllers/watchers_controller.rb b/app/controllers/watchers_controller.rb index 58c875b0c..dbacb5c76 100644 --- a/app/controllers/watchers_controller.rb +++ b/app/controllers/watchers_controller.rb @@ -32,7 +32,12 @@ class WatchersController < ApplicationController accept_api_auth :create, :destroy def new - @users = users_for_new_watcher + respond_to do |format| + format.html { render_404 } + format.js do + @users = users_for_new_watcher + end + end end def create |