Skip to content
Browse files

Fix security component causing black holes on error pages.

Fixes #2966
  • Loading branch information...
1 parent 645e981 commit fec6c1c6cb022b59a4332c2d1a3238dff6b7af4c @markstory markstory committed Jun 17, 2012
Showing with 4 additions and 0 deletions.
  1. +4 −0 lib/Cake/Controller/Component/SecurityComponent.php
View
4 lib/Cake/Controller/Component/SecurityComponent.php
@@ -205,6 +205,10 @@ class SecurityComponent extends Component {
* @return void
*/
public function startup(Controller $controller) {
+ if ($controller->name == 'CakeError') {
+ return true;
+ }
+
$this->request = $controller->request;
$this->_action = $this->request->params['action'];
$this->_methodsRequired($controller);

3 comments on commit fec6c1c

@ADmad
CakePHP member
ADmad commented on fec6c1c Jun 18, 2012

I feel this is the wrong place to do this fix. Instead of patching the component itself the Security component should be disabled in CakeErrorController::__construct() before calling the Controller::startupProcess(). If someone is using a custom exception renderer with a custom controller for rendering view this check would be useless anyway.

@markstory
CakePHP member

AuthComponent has the same check in the same place. I agree though it might be a better solution to have the controller disable those components as part of its startup process. I'll make that change, as I felt this was a bit icky at the time.

@ADmad
CakePHP member
ADmad commented on fec6c1c Jun 18, 2012

Yup same change would be required for Auth too.

Please sign in to comment.
Something went wrong with that request. Please try again.