From fbd4219274f7c30de391ec8d7b6b6c5d76fb57c7 Mon Sep 17 00:00:00 2001
From: George Claghorn <george@basecamp.com>
Date: Fri, 19 Oct 2018 15:21:26 -0400
Subject: Don't short-circuit

---
 app/controllers/action_mailbox/base_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/controllers')

diff --git a/app/controllers/action_mailbox/base_controller.rb b/app/controllers/action_mailbox/base_controller.rb
index 680c6a9615..6f0e7e42d1 100644
--- a/app/controllers/action_mailbox/base_controller.rb
+++ b/app/controllers/action_mailbox/base_controller.rb
@@ -4,7 +4,7 @@ class ActionMailbox::BaseController < ActionController::Base
   private
     def authenticate
       authenticate_or_request_with_http_basic("Action Mailbox") do |given_username, given_password|
-        ActiveSupport::SecurityUtils.secure_compare(given_username, username) &&
+        ActiveSupport::SecurityUtils.secure_compare(given_username, username) &
           ActiveSupport::SecurityUtils.secure_compare(given_password, password)
       end
     end
-- 
cgit v1.2.3