Feature #26709 » application_controller.rb.patch
| application_controller.rb (working copy) | ||
|---|---|---|
| 55 | 55 | |
| 56 | 56 |
rescue_from ::Unauthorized, :with => :deny_access |
| 57 | 57 |
rescue_from ::ActionView::MissingTemplate, :with => :missing_template |
| 58 |
rescue_from ::ActionController::UnknownFormat, :with => :unknown_format |
|
| 59 |
rescue_from ::ActionController::InvalidCrossOriginRequest, :with => :csrf_error |
|
| 58 | 60 | |
| 59 | 61 |
include Redmine::Search::Controller |
| 60 | 62 |
include Redmine::MenuManager::MenuController |
| ... | ... | |
| 508 | 510 |
render_404 |
| 509 | 511 |
end |
| 510 | 512 | |
| 513 |
def unknown_format(exception) |
|
| 514 |
if Rails.application.config.consider_all_requests_local |
|
| 515 |
raise exception |
|
| 516 |
else |
|
| 517 |
head 406 |
|
| 518 |
end |
|
| 519 |
end |
|
| 520 | ||
| 521 |
def csrf_error(exception) |
|
| 522 |
if Rails.application.config.consider_all_requests_local |
|
| 523 |
raise exception |
|
| 524 |
else |
|
| 525 |
self.response_body = nil |
|
| 526 |
head 400 |
|
| 527 |
end |
|
| 528 |
end |
|
| 529 | ||
| 511 | 530 |
# Filter for actions that provide an API response |
| 512 | 531 |
# but have no HTML representation for non admin users |
| 513 | 532 |
def require_admin_or_api_request |