From faf31225dff07c51454576db68a0c31529afcdde Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Guillaume=20Perr=C3=A9al?= <guillaume.perreal@irstea.fr>
Date: Tue, 20 Jan 2015 16:36:15 +0100
Subject: [PATCH] =?UTF-8?q?FileUpload:=20g=C3=A9n=C3=A8re=20une=20erreur?=
 =?UTF-8?q?=20correcte=20si=20le=20token=20CSRF=20n'est=20pas=20bon.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Controller/UploadController.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Controller/UploadController.php b/Controller/UploadController.php
index 4a8c67f8..be782a59 100644
--- a/Controller/UploadController.php
+++ b/Controller/UploadController.php
@@ -16,6 +16,7 @@ use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\HttpException;
 use Symfony\Component\Routing\RouterInterface;
 
 /**
@@ -115,12 +116,12 @@ class UploadController extends Controller
     /**
      *
      * @param Request $request
-     * @throws JsonReponse
+     * @throws HttpException
      */
     protected function validateToken(Request $request)
     {
         if(!$this->csrfProvider->isCsrfTokenValid("file-upload", $request->query->get('token', null))) {
-            throw $this->createResponse(Response::HTTP_BAD_REQUEST, 'Invalid CRSF token');
+            throw new HttpException(Response::HTTP_FORBIDDEN, 'Invalid token');
         }
     }
 
-- 
GitLab