[DRE-commits] r4669 - in trunk/redmine/debian: . patches

Sun Feb 14 17:16:37 UTC 2010

Author: kapouer-guest
Date: 2010-02-14 17:16:35 +0000 (Sun, 14 Feb 2010)
New Revision: 4669

Added:
   trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch
Modified:
   trunk/redmine/debian/changelog
   trunk/redmine/debian/patches/series
Log:
Another rails 2.2 monkey patch : allows XHR requests to work.

Modified: trunk/redmine/debian/changelog
===================================================================

--- trunk/redmine/debian/changelog	2010-02-14 17:16:27 UTC (rev 4668)
+++ trunk/redmine/debian/changelog	2010-02-14 17:16:35 UTC (rev 4669)
@@ -3,8 +3,9 @@
   * Fix forms select helper, another rails 2.2 incompatibility.
     (Closes: #569080)
   * Correctly declare generate_session_store task. (Closes: #569555)
+  * Monkey patch to allow XHR requests in rails 2.2.3-2.
 
- -- Jérémy Lal <kapouer at melix.org>  Wed, 10 Feb 2010 01:42:02 +0100
+ -- Jérémy Lal <kapouer at melix.org>  Sun, 14 Feb 2010 15:58:08 +0100
 
 redmine (0.9.2-1) unstable; urgency=low
 

Added: trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch
===================================================================
--- trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch	                        (rev 0)
+++ trunk/redmine/debian/patches/0016-Request-forgery-protection-allow-XHR.patch	2010-02-14 17:16:35 UTC (rev 4669)
@@ -0,0 +1,31 @@
+From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Lal?= <kapouer at melix.org>
+Date: Sun, 14 Feb 2010 15:54:48 +0100
+Subject: [PATCH] Request forgery protection allow XHR
+
+This patch is from rails 2.3.5. If not applied, XHR requests return error 500.
+Submitted to rails 2.2.3-2 :
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569811
+---
+ .../initializers/request_forgery_protection_xhr.rb |   12 ++++++++++++
+ 1 files changed, 12 insertions(+), 0 deletions(-)
+ create mode 100644 config/initializers/request_forgery_protection_xhr.rb
+
+diff --git a/config/initializers/request_forgery_protection_xhr.rb b/config/initializers/request_forgery_protection_xhr.rb
+new file mode 100644
+index 0000000..1886080
+--- /dev/null
++++ b/config/initializers/request_forgery_protection_xhr.rb
+@@ -0,0 +1,12 @@
++module ActionController
++  module RequestForgeryProtection
++    protected
++	  def verified_request?
++        !protect_against_forgery?     ||
++          request.method == :get      ||
++          request.xhr?                ||
++          !verifiable_request_format? ||
++          form_authenticity_token == params[request_forgery_protection_token]
++      end
++  end
++end
+-- 

Modified: trunk/redmine/debian/patches/series
===================================================================
--- trunk/redmine/debian/patches/series	2010-02-14 17:16:27 UTC (rev 4668)
+++ trunk/redmine/debian/patches/series	2010-02-14 17:16:35 UTC (rev 4669)
@@ -13,3 +13,4 @@
 0013-OrderedHash-to-Hash.patch
 0014-Monkey-patches-for-group-support-taken-from-rails-2..patch
 0015-Move-session-configuration-to-YML-file-next-to-datab.patch
+0016-Request-forgery-protection-allow-XHR.patch


