Skip to content
This repository
Browse code

Fix security component causing black holes on error pages.

Fixes #2966
  • Loading branch information...
commit fec6c1c6cb022b59a4332c2d1a3238dff6b7af4c 1 parent 645e981
Mark Story authored June 17, 2012
4  lib/Cake/Controller/Component/SecurityComponent.php
@@ -205,6 +205,10 @@ class SecurityComponent extends Component {
205 205
  * @return void
206 206
  */
207 207
 	public function startup(Controller $controller) {
  208
+		if ($controller->name == 'CakeError') {
  209
+			return true;
  210
+		}
  211
+
208 212
 		$this->request = $controller->request;
209 213
 		$this->_action = $this->request->params['action'];
210 214
 		$this->_methodsRequired($controller);

3 notes on commit fec6c1c

ADmad
Collaborator
ADmad commented on fec6c1c June 17, 2012

I feel this is the wrong place to do this fix. Instead of patching the component itself the Security component should be disabled in CakeErrorController::__construct() before calling the Controller::startupProcess(). If someone is using a custom exception renderer with a custom controller for rendering view this check would be useless anyway.

Mark Story
Owner

AuthComponent has the same check in the same place. I agree though it might be a better solution to have the controller disable those components as part of its startup process. I'll make that change, as I felt this was a bit icky at the time.

ADmad
Collaborator
ADmad commented on fec6c1c June 18, 2012

Yup same change would be required for Auth too.

Please sign in to comment.
Something went wrong with that request. Please try again.