[DRE-commits] r4669 - in trunk/redmine/debian: . patches
Jérémy Lal
kapouer-guest at alioth.debian.org
Sun Feb 14 17:16:37 UTC 2010
Author: kapouer-guest
Date: 2010-02-14 17:16:35 +0000 (Sun, 14 Feb 2010)
New Revision: 4669
Added:
trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch
Modified:
trunk/redmine/debian/changelog
trunk/redmine/debian/patches/series
Log:
Another rails 2.2 monkey patch : allows XHR requests to work.
Modified: trunk/redmine/debian/changelog
===================================================================
--- trunk/redmine/debian/changelog 2010-02-14 17:16:27 UTC (rev 4668)
+++ trunk/redmine/debian/changelog 2010-02-14 17:16:35 UTC (rev 4669)
@@ -3,8 +3,9 @@
* Fix forms select helper, another rails 2.2 incompatibility.
(Closes: #569080)
* Correctly declare generate_session_store task. (Closes: #569555)
+ * Monkey patch to allow XHR requests in rails 2.2.3-2.
- -- Jérémy Lal <kapouer at melix.org> Wed, 10 Feb 2010 01:42:02 +0100
+ -- Jérémy Lal <kapouer at melix.org> Sun, 14 Feb 2010 15:58:08 +0100
redmine (0.9.2-1) unstable; urgency=low
Added: trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch
===================================================================
--- trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch (rev 0)
+++ trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch 2010-02-14 17:16:35 UTC (rev 4669)
@@ -0,0 +1,31 @@
+From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Lal?= <kapouer at melix.org>
+Date: Sun, 14 Feb 2010 15:54:48 +0100
+Subject: [PATCH] Request forgery protection allow XHR
+
+This patch is from rails 2.3.5. If not applied, XHR requests return error 500.
+Submitted to rails 2.2.3-2 :
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569811
+---
+ .../initializers/request_forgery_protection_xhr.rb | 12 ++++++++++++
+ 1 files changed, 12 insertions(+), 0 deletions(-)
+ create mode 100644 config/initializers/request_forgery_protection_xhr.rb
+
+diff --git a/config/initializers/request_forgery_protection_xhr.rb b/config/initializers/request_forgery_protection_xhr.rb
+new file mode 100644
+index 0000000..1886080
+--- /dev/null
++++ b/config/initializers/request_forgery_protection_xhr.rb
+@@ -0,0 +1,12 @@
++module ActionController
++ module RequestForgeryProtection
++ protected
++ def verified_request?
++ !protect_against_forgery? ||
++ request.method == :get ||
++ request.xhr? ||
++ !verifiable_request_format? ||
++ form_authenticity_token == params[request_forgery_protection_token]
++ end
++ end
++end
+--
Modified: trunk/redmine/debian/patches/series
===================================================================
--- trunk/redmine/debian/patches/series 2010-02-14 17:16:27 UTC (rev 4668)
+++ trunk/redmine/debian/patches/series 2010-02-14 17:16:35 UTC (rev 4669)
@@ -13,3 +13,4 @@
0013-OrderedHash-to-Hash.patch
0014-Monkey-patches-for-group-support-taken-from-rails-2..patch
0015-Move-session-configuration-to-YML-file-next-to-datab.patch
+0016-Request-forgery-protection-allow-XHR.patch
More information about the Pkg-ruby-extras-commits
mailing list