Fix anonymous visitors getting a session cookie on first visit (#24584)

2023-04-25 16:51:38 +02:00
parent 6084461cd0
commit 276c39361b
8 changed files with 64 additions and 26 deletions
--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@@ -10,6 +10,10 @@ module WebAppControllerConcern
    vary_by 'Accept, Accept-Language, Cookie'
  end

+  def skip_csrf_meta_tags?
+    current_user.nil?
+  end
+
  def set_app_body_class
    @body_classes = 'app-body'
  end