tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Spec response for forgery (#3248)

Browse Source 
Remove protect_from_forgery in ApiController, which is disabled by the
following skip_before_action, as well.
This commit is contained in:
Akihiko Odaki (@fn_aki@pawoo.net)
2017-06-02 03:56:55 +09:00
committed by Eugen Rochko
parent e98559c3ff
commit 10768aa204
3 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/api_controller.rb
View File

@ -4,8 +4,6 @@ class ApiController < ApplicationController
DEFAULT_STATUSES_LIMIT = 20
DEFAULT_ACCOUNTS_LIMIT = 40
protect_from_forgery with: :null_session
skip_before_action :verify_authenticity_token
skip_before_action :store_current_location