From 2bb4ed01be3e5cd71e1cf142710ef748eca436c5 Mon Sep 17 00:00:00 2001
From: Ceeram <c33ram@gmail.com>
Date: Wed, 16 Nov 2011 00:40:48 +0100
Subject: [PATCH] Removing _Token from request data.

It is not used outside the component and could possibly affect Model::save().
Fixes #2256

Signed-off-by: mark_story <mark@mark-story.com>
---
 lib/Cake/Controller/Component/SecurityComponent.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/Cake/Controller/Component/SecurityComponent.php b/lib/Cake/Controller/Component/SecurityComponent.php
index df4a7899f..204209db0 100644
--- a/lib/Cake/Controller/Component/SecurityComponent.php
+++ b/lib/Cake/Controller/Component/SecurityComponent.php
@@ -208,6 +208,9 @@ class SecurityComponent extends Component {
 			}
 		}
 		$this->_generateToken($controller);
+		if ($isPost) {
+			unset($controller->request->data['_Token']);
+		}
 	}
 
 /**