Download as
Browse Code »

Commit 875d8afc82579ee6823851d18be8e0f80b732a03

Authored by Antonio Terceiro
1 parent 9ff5859c
Exists in master and in 19 other branches add_member_task_reject_details, admin_visible_profile, community_notifications, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, organization_ratings_improvements, profile_api_improvements, ratings_minor_fixes, send_email_to_admins, stable-spb-1.4, stable-spb-1.5, web_steps_improvements, xss_terminate_custom_options

Fix HTTP caching and logins with rails 4 

Since all cookies should be dropped for unauthenticated users, you cannot
expect the XSRF cookie to be present to allow users to login!
Showing 2 changed files with 2 additions and 1 deletions   Show diff stats
app/controllers/public/account_controller.rb
  Diff comments   View file @875d8af
@@ -6,6 +6,8 @@ class AccountController < ApplicationController @@ -6,6 +6,8 @@ class AccountController < ApplicationController
6 before_filter :redirect_if_logged_in, :only => [:login, :signup] 6 before_filter :redirect_if_logged_in, :only => [:login, :signup]
7 before_filter :protect_from_bots, :only => :signup 7 before_filter :protect_from_bots, :only => :signup
8 8
  9 + protect_from_forgery except: [:login]
  10 +
9 helper CustomFieldsHelper 11 helper CustomFieldsHelper
10 # say something nice, you goof! something sweet. 12 # say something nice, you goof! something sweet.
11 def index 13 def index
vendor/plugins/noosfero_caching/init.rb
  Diff comments   View file @875d8af
@@ -27,7 +27,6 @@ module NoosferoHttpCaching @@ -27,7 +27,6 @@ module NoosferoHttpCaching
27 end 27 end
28 28
29 def noosfero_session_check 29 def noosfero_session_check
30 - return unless params[:controller] == 'account'  
31 headers["X-Noosfero-Auth"] = (session[:user] != nil).to_s 30 headers["X-Noosfero-Auth"] = (session[:user] != nil).to_s
32 end 31 end
33 32