Permalink
Browse files

Removing _Token from request data.

It is not used outside the component and could possibly affect Model::save().
Fixes #2256

Signed-off-by: mark_story <mark@mark-story.com>
  • Loading branch information...
1 parent 6e4493c commit 2bb4ed01be3e5cd71e1cf142710ef748eca436c5 @ceeram ceeram committed with markstory Nov 15, 2011
Showing with 3 additions and 0 deletions.
  1. +3 −0 lib/Cake/Controller/Component/SecurityComponent.php
@@ -208,6 +208,9 @@ public function startup($controller) {
}
}
$this->_generateToken($controller);
+ if ($isPost) {
+ unset($controller->request->data['_Token']);
+ }
}
/**

0 comments on commit 2bb4ed0

Please sign in to comment.