From 49316d8a6357bbb19c2032faa3dfec8f7e0f0253 Mon Sep 17 00:00:00 2001
From: Aaron Patterson <aaron.patterson@gmail.com>
Date: Tue, 15 Sep 2015 07:43:04 -0700
Subject: fewer direct env manipulations

this commit removes some direct access to `env`.
---
 actionpack/lib/action_controller/metal/request_forgery_protection.rb | 2 +-
 actionpack/lib/action_dispatch/http/request.rb                       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'actionpack')

diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index e5f3cb8e8d..2ddf34f40f 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -137,7 +137,7 @@ module ActionController #:nodoc:
         def handle_unverified_request
           request = @controller.request
           request.session = NullSessionHash.new(request)
-          request.env['action_dispatch.request.flash_hash'] = nil
+          request.flash = nil
           request.env['rack.session.options'] = { skip: true }
           request.cookie_jar = NullCookieJar.build(request, {})
         end
diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb
index 18504eba6d..b2566c4820 100644
--- a/actionpack/lib/action_dispatch/http/request.rb
+++ b/actionpack/lib/action_dispatch/http/request.rb
@@ -324,7 +324,7 @@ module ActionDispatch
       else
         self.session = {}
       end
-      set_header('action_dispatch.request.flash_hash', nil)
+      self.flash = nil
     end
 
     def session=(session) #:nodoc:
-- 
cgit v1.2.3