diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2017-04-08 02:30:50 +0200 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-04-08 02:30:50 +0200 |
commit | 4b621188adcd3e68272fc58db3cb5dfe51e71b38 (patch) | |
tree | 45df5941a51262e9ad1f316208ff4cde9c7732c5 /app/controllers/application_controller.rb | |
parent | a872f2f4c64f4a370fa1a92a28f9c07c1dd3b06d (diff) |
Fix #1165 - before_action was called before protect_from_forgery
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index f00f9c1e3..61ca71123 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,14 +1,13 @@ # frozen_string_literal: true class ApplicationController < ActionController::Base - include Localized - # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception force_ssl if: "Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true'" + include Localized helper_method :current_account rescue_from ActionController::RoutingError, with: :not_found @@ -41,7 +40,6 @@ class ApplicationController < ActionController::Base # If the sign in is after a two week break, we need to regenerate their feed RegenerationWorker.perform_async(current_user.account_id) if current_user.last_sign_in_at < 14.days.ago - return end def check_suspension |