<hobo_rapid_javascripts> should obey allow_forgery_protection option
Reported by Jakub Suder | October 16th, 2008 @ 10:31 AM
In the test environment, the protecting against request forgery feature is disabled by default ("config.action_controller.allow_forgery_protection = false" in config/environments/test.rb). Because of this, form_authenticity_token() method in controller throws an exception. Hobo tag "hobo-rapid-javascripts" calls this method without checking if request forgery protection is disabled. This results in an exception "No :secret given to the #protect_from_forgery call" while running some controller tests.
Proposed solution: replace the line:
rapid.dryml:98:
if request_forgery_protection_token
with:
if protect_against_forgery?
Comments and changes to this ticket
-
Tom Locke December 2nd, 2008 @ 10:52 AM
- State changed from “new” to “resolved”
Thanks. Fixed in c9d55cf
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
People watching this ticket
- Nobody is watching this ticket.