[Git][noosfero/noosfero][master] 2 commits: Fix HTTP caching and logins with rails 4
Victor Costa
gitlab at mg.gitlab.com
Fri Dec 4 17:04:48 BRST 2015
Victor Costa pushed to branch master at Noosfero / noosfero
Commits:
875d8afc by Antonio Terceiro at 2015-12-03T18:07:17Z
Fix HTTP caching and logins with rails 4
Since all cookies should be dropped for unauthenticated users, you cannot
expect the XSRF cookie to be present to allow users to login!
- - - - -
6d69da64 by Victor Costa at 2015-12-04T19:04:24Z
Merge branch 'fix-http-cache' into 'master'
Fix HTTP caching and logins with rails 4
Since all cookies should be dropped for unauthenticated users, you cannot
expect the XSRF cookie to be present to allow users to login!
See merge request !739
- - - - -
2 changed files:
- app/controllers/public/account_controller.rb
- vendor/plugins/noosfero_caching/init.rb
Changes:
=====================================
app/controllers/public/account_controller.rb
=====================================
--- a/app/controllers/public/account_controller.rb
+++ b/app/controllers/public/account_controller.rb
@@ -6,6 +6,8 @@ class AccountController < ApplicationController
before_filter :redirect_if_logged_in, :only => [:login, :signup]
before_filter :protect_from_bots, :only => :signup
+ protect_from_forgery except: [:login]
+
helper CustomFieldsHelper
# say something nice, you goof! something sweet.
def index
=====================================
vendor/plugins/noosfero_caching/init.rb
=====================================
--- a/vendor/plugins/noosfero_caching/init.rb
+++ b/vendor/plugins/noosfero_caching/init.rb
@@ -27,7 +27,6 @@ module NoosferoHttpCaching
end
def noosfero_session_check
- return unless params[:controller] == 'account'
headers["X-Noosfero-Auth"] = (session[:user] != nil).to_s
end
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/ce49e588d9f664e896b4596850675a34eeae3457...6d69da649ec8173d3538821b873b3c79ca6e7c8f
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20151204/02927b18/attachment.html>
More information about the Noosfero-dev
mailing list