CSRF messages are no longer controlled by 422.html because InvalidAuthenticityToken is not raised

author: Tony Primerano <tony.primerano@gxs.com> 2012-03-28 16:35:06 -0400
committer: Tony Primerano <tony.primerano@gxs.com> 2012-03-28 16:35:06 -0400
commit: e81084330059e57b0a2422e351dbb28633f69434 (patch)
tree: 67cb4cc85ffdf64169c892b1c099e2d6bfd910ca /actionpack
parent: 4a26b22b462eeaa363245d4251259d94f4f2a9ce (diff)
download: rails-e81084330059e57b0a2422e351dbb28633f69434.tar.gz
rails-e81084330059e57b0a2422e351dbb28633f69434.tar.bz2
rails-e81084330059e57b0a2422e351dbb28633f69434.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index 3081c14c09..0bff1825d9 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -17,7 +17,6 @@ module ActionController #:nodoc:
   # CSRF protection is turned on with the <tt>protect_from_forgery</tt> method,
   # which checks the token and resets the session if it doesn't match what was expected.
   # A call to this method is generated for new \Rails applications by default.
-  # You can customize the error message by editing public/422.html.
   #
   # The token parameter is named <tt>authenticity_token</tt> by default. The name and
   # value of this token must be added to every layout that renders forms by including
author	Tony Primerano <tony.primerano@gxs.com>	2012-03-28 16:35:06 -0400
committer	Tony Primerano <tony.primerano@gxs.com>	2012-03-28 16:35:06 -0400
commit	e81084330059e57b0a2422e351dbb28633f69434 (patch)
tree	67cb4cc85ffdf64169c892b1c099e2d6bfd910ca /actionpack
parent	4a26b22b462eeaa363245d4251259d94f4f2a9ce (diff)
download	rails-e81084330059e57b0a2422e351dbb28633f69434.tar.gz rails-e81084330059e57b0a2422e351dbb28633f69434.tar.bz2 rails-e81084330059e57b0a2422e351dbb28633f69434.zip