From e81084330059e57b0a2422e351dbb28633f69434 Mon Sep 17 00:00:00 2001
From: Tony Primerano <tony.primerano@gxs.com>
Date: Wed, 28 Mar 2012 16:35:06 -0400
Subject: CSRF messages are no longer controlled by 422.html because
 InvalidAuthenticityToken is not raised

---
 actionpack/lib/action_controller/metal/request_forgery_protection.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index 3081c14c09..0bff1825d9 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -17,7 +17,6 @@ module ActionController #:nodoc:
   # CSRF protection is turned on with the <tt>protect_from_forgery</tt> method,
   # which checks the token and resets the session if it doesn't match what was expected.
   # A call to this method is generated for new \Rails applications by default.
-  # You can customize the error message by editing public/422.html.
   #
   # The token parameter is named <tt>authenticity_token</tt> by default. The name and
   # value of this token must be added to every layout that renders forms by including
-- 
cgit v1.2.3