Browse files

MINOR: change the ugly user-facing CSRF message to more friendly

User does not necessarily knows what CSRF is, and tends to get scared by
this, thinking he has abused something. On the other hand users tend to
know what session expiry means.
  • Loading branch information...
1 parent 869bab2 commit b5617868253553c458cb221d5e44b9a973ab8adb @mateusz mateusz committed Apr 26, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 forms/Form.php
@@ -240,7 +240,7 @@ public function httpSubmission($request) {
// Protection against CSRF attacks
$token = $this->getSecurityToken();
if(!$token->checkRequest($request)) {
- $this->httpError(400, "Security token doesn't match, possible CSRF attack.");
+ $this->httpError(400, "Sorry, your session has timed out.");
// Determine the action button clicked

0 comments on commit b561786

Please sign in to comment.