Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3470 from ahuling13/expired-nonce-return-status 

In the case of an expired nonce, return a 400 status code instead of 500
This commit is contained in:
Sam 2015-05-20 12:08:17 +10:00
parent d1d703718a e44ddff9bb
commit 14ab9c45b6
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/session_controller.rb
View File

@ -57,7 +57,7 @@ class SessionController < ApplicationController
sso = DiscourseSingleSignOn.parse(request.query_string)
if !sso.nonce_valid?
return render(text: I18n.t("sso.timeout_expired"), status: 500)
return render(text: I18n.t("sso.timeout_expired"), status: 419)
end
if ScreenedIpAddress.should_block?(request.remote_ip)