This project is archived and is in readonly mode.

#5534 ✓invalid
Lars Kuhnt

Controller breaks when an action is named 'config'

Reported by Lars Kuhnt | September 2nd, 2010 @ 02:58 PM


I spend some time to figure out that an action named 'config' breaks the whole controller. A cryptic exception is raised whenever you try to access any action on that controller. In my case it was:

undefined method `allow_forgery_protection' for nil:NilClass

activesupport (3.0.0) lib/active_support/whiny_nil.rb:48:in `method_missing'
activesupport (3.0.0) lib/active_support/configurable.rb:22:in `allow_forgery_protection'
actionpack (3.0.0) lib/action_controller/metal/request_forgery_protection.rb:120:in `protect_against_forgery?'
actionpack (3.0.0) lib/action_controller/metal/request_forgery_protection.rb:105:in `verified_request?'
actionpack (3.0.0) lib/action_controller/metal/request_forgery_protection.rb:96:in `verify_authenticity_token'
activesupport (3.0.0) lib/active_support/callbacks.rb:436:in `_run__3642780899113546055__process_action__3023371025821930858__callbacks'
activesupport (3.0.0) lib/active_support/callbacks.rb:409:in `_run_process_action_callbacks'

It would be great to get a warning or a better error message when an illegal action name is used.

I attached a test-case to demonstrate the issue.


Comments and changes to this ticket

  • Neeraj Singh

    Neeraj Singh September 7th, 2010 @ 10:34 PM

    • State changed from “new” to “invalid”
    • Importance changed from “” to “Low”

    abstract_controller/base.rb has following line

    require 'active_support/configurable'

    configurable provides a method called config which allows one to do things like

        #   require 'active_support/configurable'      
        #   class User
        #     include ActiveSupport::Configurable
        #   end 
        #   user =
        #   user.config.allowed_access = true
        #   user.config.level = 1
        #   user.config.allowed_access # => true
        #   user.config.level          # => 1

    Since abstract_controller includes that module a config method is automatically created. If you have an action named 'config' then that would overrite this config and that's not good.

    Yes it should be documented.

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href=""></a>