Skip to content

Commit

Permalink
Use case-insensitive comparison in session_changed.
Browse files Browse the repository at this point in the history 
Redmine login name is case-insensitive, so the previous
code could cause issues when different upper case and lower
case characters are used in the authentication layer.

This commit hopefully fixes 'invalid form authenticity token'
issues.
  • Loading branch information
@AdamLantos
AdamLantos committed Jan 3, 2011
1 parent 0918708 commit aaf7eb0
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/http_auth_patch.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ def session_changed?(user, remote_username)
if user.nil?
true
else
use_email? ? user.mail != remote_username : user.login != remote_username
use_email? ? user.mail.casecmp(remote_username) != 0 : user.login.casecmp(remote_username) != 0
end
end

Expand Down

0 comments on commit aaf7eb0

Please sign in to comment.