Browse Source

Fixes #897.

tags/2.0.0-beta
Qiang Xue 11 years ago
parent
commit
93d5f5a3ec
  1. 2
      framework/yii/base/ErrorHandler.php
  2. 3
      framework/yii/web/Request.php

2
framework/yii/base/ErrorHandler.php

@ -93,6 +93,8 @@ class ErrorHandler extends Component
$response->getHeaders()->removeAll();
if ($useErrorView && $this->errorAction !== null) {
// disable CSRF validation so that errorAction can run in case the error is caused by CSRF validation failure
Yii::$app->getRequest()->enableCsrfValidation = false;
$result = Yii::$app->runAction($this->errorAction);
if ($result instanceof Response) {
$response = $result;

3
framework/yii/web/Request.php

@ -1001,7 +1001,8 @@ class Request extends \yii\base\Request
*/
public function getCsrfTokenFromHeader()
{
return isset($_SERVER[self::CSRF_HEADER]) ? $_SERVER[self::CSRF_HEADER] : null;
$key = 'HTTP_' . str_replace('-', '_', strtoupper(self::CSRF_HEADER));
return isset($_SERVER[$key]) ? $_SERVER[$key] : null;
}
/**

Loading…
Cancel
Save