Skip to content

Commit

Permalink
Fix security component causing black holes on error pages.
Browse files Browse the repository at this point in the history 
Fixes #2966
  • Loading branch information
@markstory
markstory committed Jun 18, 2012
1 parent 645e981 commit fec6c1c
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions lib/Cake/Controller/Component/SecurityComponent.php
View file
Expand Up @@ -205,6 +205,10 @@ class SecurityComponent extends Component {
* @return void
*/
public function startup(Controller $controller) {
if ($controller->name == 'CakeError') {
return true;
}

$this->request = $controller->request;
$this->_action = $this->request->params['action'];
$this->_methodsRequired($controller);
Expand Down

3 comments on commit fec6c1c

@ADmad
Copy link
Member

@ADmad ADmad commented on fec6c1c Jun 18, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel this is the wrong place to do this fix. Instead of patching the component itself the Security component should be disabled in CakeErrorController::__construct() before calling the Controller::startupProcess(). If someone is using a custom exception renderer with a custom controller for rendering view this check would be useless anyway.

@markstory
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AuthComponent has the same check in the same place. I agree though it might be a better solution to have the controller disable those components as part of its startup process. I'll make that change, as I felt this was a bit icky at the time.

@ADmad
Copy link
Member

@ADmad ADmad commented on fec6c1c Jun 18, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup same change would be required for Auth too.

Please sign in to comment.