diff options
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/api/subscriptions_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/api_controller.rb | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/app/controllers/api/subscriptions_controller.rb b/app/controllers/api/subscriptions_controller.rb index 038d6c877..6ae038a36 100644 --- a/app/controllers/api/subscriptions_controller.rb +++ b/app/controllers/api/subscriptions_controller.rb @@ -12,7 +12,7 @@ class Api::SubscriptionsController < ApiController def update body = request.body.read - if @account.subscription(api_subscription_url(@account.id)).verify(body, env['HTTP_X_HUB_SIGNATURE']) + if @account.subscription(api_subscription_url(@account.id)).verify(body, request.headers['HTTP_X_HUB_SIGNATURE']) ProcessFeedService.new.(body, @account) render nothing: true, status: 201 else diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 80d084328..35f1e62c5 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -1,5 +1,6 @@ class ApiController < ApplicationController protect_from_forgery with: :null_session + skip_before_filter :verify_authenticity_token protected |