[webui] avoid exceptions from invalid users while rendering the error

openSUSE · Nov 6, 2012 · b022f67 · b022f67
1 parent 4e9928a
commit b022f67
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/src/webui/app/controllers/application_controller.rb b/src/webui/app/controllers/application_controller.rb
@@ -200,6 +200,9 @@ def rescue_with_handler( exception )
         end
       end
     when ActiveXML::Transport::UnauthorizedError
+      # do not try to access user
+      @user = nil
+      session[:login] = nil
       #ExceptionNotifier.deliver_exception_notification(exception, self, strip_sensitive_data_from(request), {}) if send_exception_mail?
       render_error :status => 401, :message => 'Unauthorized access, please login'
     when ActionController::InvalidAuthenticityToken