jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

related tags: disable csrf protection for update action.

Browse Source 
This fixes InvalidAuthenticityToken errors caused by Reportbooru trying to
use this endpoint to update related tags. Reportbooru uses a secret key
to authenticate rather than using apikey-based authentication, which
makes it fail the CSRF protection.
This commit is contained in:
evazion
2019-08-26 20:24:20 -05:00
parent a3d748e300
commit 27be15ce7a
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/related_tags_controller.rb
View File

@@ -1,6 +1,7 @@
class RelatedTagsController < ApplicationController class RelatedTagsController < ApplicationController
respond_to :json, :xml, :js, :html, except: [:update] respond_to :json, :xml, :js, :html, except: [:update]
before_action :require_reportbooru_key, only: [:update] before_action :require_reportbooru_key, only: [:update]
skip_forgery_protection only: [:update]
def show def show
@query = RelatedTagQuery.new(query: params[:query], category: params[:category], user: CurrentUser.user) @query = RelatedTagQuery.new(query: params[:query], category: params[:category], user: CurrentUser.user)