From baa9469c9b1ddf67e8de7aa51117a2acffee1fad 2014-12-26 10:42:41
From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: 2014-12-26 10:42:41
Subject: [PATCH] Merged r13670 (#18499).

git-svn-id: http://svn.redmine.org/redmine/branches/2.6-stable@13800 e93f8b46-1217-0410-a6f0-8f06a7374b81

---

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index e8f3565..fbebfd5 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -45,6 +45,7 @@ class ApplicationController < ActionController::Base
       super
       cookies.delete(autologin_cookie_name)
       self.logged_user = nil
+      set_localization
       render_error :status => 422, :message => "Invalid form authenticity token."
     end
   end
diff --git a/test/integration/application_test.rb b/test/integration/application_test.rb
index 6b5419d..5814a3a 100644
--- a/test/integration/application_test.rb
+++ b/test/integration/application_test.rb
@@ -76,4 +76,15 @@ class ApplicationTest < ActionController::IntegrationTest
   ensure
     ActionController::Base.allow_forgery_protection = false
   end
+
+  def test_localization_should_be_set_correctly_on_invalid_token
+    ActionController::Base.allow_forgery_protection = true
+    Setting.default_language = 'en'
+    post 'issues', { }, 'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3'
+    assert_response 422
+    assert_equal :fr, current_language
+    assert_select "html[lang=?]", "fr"
+  ensure
+    ActionController::Base.allow_forgery_protection = false
+  end
 end