aboutsummaryrefslogtreecommitdiffstats
path: root/activesupport/test/json
diff options
context:
space:
mode:
authorPeter Jones <pjones@pmade.com>2008-05-07 16:04:18 -0600
committerDavid Heinemeier Hansson <david@loudthinking.com>2008-05-11 13:27:34 -0500
commit2a986200b9a6be0f68a0db504dc478da04842dee (patch)
tree66421a3dd7322c44184a273834ed95795f0a5a0f /activesupport/test/json
parent7013d9e52a41a6261738b8d11bcada85bc6fe81b (diff)
downloadrails-2a986200b9a6be0f68a0db504dc478da04842dee.tar.gz
rails-2a986200b9a6be0f68a0db504dc478da04842dee.tar.bz2
rails-2a986200b9a6be0f68a0db504dc478da04842dee.zip
Bug: Earlier Check for Session in Forgery Protection
The session is used by the form_authenticity_token method before it is tested to be valid. This patch moves a few lines around so that the session is validated first. Without this patch, if you try to use forgery protection with sessions turned off, you get this exception message: undefined method `session_id' for {}:Hash The patch includes a test that can be used to see this behavior before the request_forgery_protection.rb file is patched to fix it.
Diffstat (limited to 'activesupport/test/json')
0 files changed, 0 insertions, 0 deletions