diff options
| author | David Yip <yipdw@member.fsf.org> | 2018-04-18 18:48:12 -0500 |
|---|---|---|
| committer | David Yip <yipdw@member.fsf.org> | 2018-04-18 18:48:12 -0500 |
| commit | 16d5217502a09132dc14a3a808036af5dbcb73dd (patch) | |
| tree | deb7b81919e5f8082b7d848b0b8df4787d37f001 /app/controllers/api | |
| parent | 813da6788e5129579db04e89aac3076902af2c7a (diff) | |
| parent | ff87d1bc3ecdb81ff5c523f0964ecf223a503d30 (diff) | |
Merge remote-tracking branch 'origin/master' into gs-master
Conflicts: app/controllers/home_controller.rb app/controllers/stream_entries_controller.rb app/javascript/mastodon/locales/ja.json app/javascript/mastodon/locales/pl.json
Diffstat (limited to 'app/controllers/api')
| -rw-r--r-- | app/controllers/api/web/base_controller.rb | 9 | ||||
| -rw-r--r-- | app/controllers/api/web/embeds_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/api/web/push_subscriptions_controller.rb | 3 | ||||
| -rw-r--r-- | app/controllers/api/web/settings_controller.rb | 2 |
4 files changed, 12 insertions, 4 deletions
diff --git a/app/controllers/api/web/base_controller.rb b/app/controllers/api/web/base_controller.rb new file mode 100644 index 000000000..8da549b3a --- /dev/null +++ b/app/controllers/api/web/base_controller.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +class Api::Web::BaseController < Api::BaseController + protect_from_forgery with: :exception + + rescue_from ActionController::InvalidAuthenticityToken do + render json: { error: "Can't verify CSRF token authenticity." }, status: 422 + end +end diff --git a/app/controllers/api/web/embeds_controller.rb b/app/controllers/api/web/embeds_controller.rb index 2ed516161..f2fe74b17 100644 --- a/app/controllers/api/web/embeds_controller.rb +++ b/app/controllers/api/web/embeds_controller.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -class Api::Web::EmbedsController < Api::BaseController +class Api::Web::EmbedsController < Api::Web::BaseController respond_to :json before_action :require_user! diff --git a/app/controllers/api/web/push_subscriptions_controller.rb b/app/controllers/api/web/push_subscriptions_controller.rb index c611031ab..249e7c186 100644 --- a/app/controllers/api/web/push_subscriptions_controller.rb +++ b/app/controllers/api/web/push_subscriptions_controller.rb @@ -1,10 +1,9 @@ # frozen_string_literal: true -class Api::Web::PushSubscriptionsController < Api::BaseController +class Api::Web::PushSubscriptionsController < Api::Web::BaseController respond_to :json before_action :require_user! - protect_from_forgery with: :exception def create active_session = current_session diff --git a/app/controllers/api/web/settings_controller.rb b/app/controllers/api/web/settings_controller.rb index f6739d506..e3178bf48 100644 --- a/app/controllers/api/web/settings_controller.rb +++ b/app/controllers/api/web/settings_controller.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -class Api::Web::SettingsController < Api::BaseController +class Api::Web::SettingsController < Api::Web::BaseController respond_to :json before_action :require_user! |