Tailor the CSRF check message for HTTP requests with "security.require-https"
AcceptedPublic
Actions

Authored by epriestley on Apr 13 2017, 2:55 PM.

Details

Reviewers

chad

Maniphest Tasks

Summary

Ref T12547. See that task for discussion.

Test Plan

Changed storage.default-namespace to a new value.
Upgraded database.
Enabled security.require-https.
Registered over plain HTTP.
After patch, got a more tailored exception instead of the more general/misleading one from before.

Repository

rP Phabricator

Branch

tailor1

Lint

Lint OK

Unit

Unit Tests OK

Build Status

This revision is now accepted and ready to land.Apr 13 2017, 3:05 PM

Path

Size

src/

aphront/

23 lines