NullSessionHash#destroy should be a no-op

Previously it was raising a NilException

2 files changed, 13 insertions, 0 deletions

diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index 573c739da4..bd64b1f812 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -124,6 +124,9 @@ module ActionController #:nodoc:
             @loaded = true
           end
 
+          # no-op
+          def destroy; end
+
           def exists?
             true
           end
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb
index c272e785c2..727db79241 100644
--- a/actionpack/test/controller/request_forgery_protection_test.rb
+++ b/actionpack/test/controller/request_forgery_protection_test.rb
@@ -78,6 +78,11 @@ class RequestForgeryProtectionControllerUsingNullSession < ActionController::Bas
     cookies.encrypted[:foo] = 'bar'
     render :nothing => true
   end
+
+  def try_to_reset_session
+    reset_session
+    render :nothing => true
+  end
 end
 
 class FreeCookieController < RequestForgeryProtectionControllerUsingResetSession
@@ -320,6 +325,11 @@ class RequestForgeryProtectionControllerUsingNullSessionTest < ActionController:
     post :encrypted
     assert_response :ok
   end
+
+  test 'should allow reset_session' do
+    post :try_to_reset_session
+    assert_response :ok
+  end
 end
 
 class RequestForgeryProtectionControllerUsingExceptionTest < ActionController::TestCase