Skip to content
Permalink
Browse files

Fix security component causing black holes on error pages.

Fixes #2966
  • Loading branch information...
markstory committed Jun 18, 2012
1 parent 645e981 commit fec6c1c6cb022b59a4332c2d1a3238dff6b7af4c
Showing with 4 additions and 0 deletions.
  1. +4 −0 lib/Cake/Controller/Component/SecurityComponent.php
@@ -205,6 +205,10 @@ class SecurityComponent extends Component {
* @return void
*/
public function startup(Controller $controller) {
if ($controller->name == 'CakeError') {
return true;
}
$this->request = $controller->request;
$this->_action = $this->request->params['action'];
$this->_methodsRequired($controller);

3 comments on commit fec6c1c

@ADmad

This comment has been minimized.

Copy link
Member

ADmad replied Jun 18, 2012

I feel this is the wrong place to do this fix. Instead of patching the component itself the Security component should be disabled in CakeErrorController::__construct() before calling the Controller::startupProcess(). If someone is using a custom exception renderer with a custom controller for rendering view this check would be useless anyway.

@markstory

This comment has been minimized.

Copy link
Member Author

markstory replied Jun 18, 2012

AuthComponent has the same check in the same place. I agree though it might be a better solution to have the controller disable those components as part of its startup process. I'll make that change, as I felt this was a bit icky at the time.

@ADmad

This comment has been minimized.

Copy link
Member

ADmad replied Jun 18, 2012

Yup same change would be required for Auth too.

Please sign in to comment.
You can’t perform that action at this time.