danbooru/app/controllers at 2d34e697378ee2aa835a61610bffc358c4038ae3 - danbooru - Industries Git

jaculabilis/danbooru

Files

History

evazion 2d34e69737 api: disable csrf protection for api requests.

Fixes POST/PUT API requests failing with InvalidAuthenticityToken errors
due to missing CSRF tokens.

CSRF protection is only necessary for cookie-based authentication. For
non-cookie-based authentication we can safely disable it. That is, if
the user is already passing their login + api_key, then we don't need
to additionally verify the request with a CSRF token.

ref: 2e407fa476 (comments)

2019-08-24 22:55:35 -05:00

..

mod actions: separate account upgrades from promotions (fix #3841 )

2018-08-26 11:12:04 -05:00

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

maintenance/user

dmail filters: fix uninitialized constant error.

2019-08-13 21:30:20 -05:00

jobs: migrate mass updates to ActiveJob.

2019-08-19 00:46:31 -05:00

application_controller.rb

api: disable csrf protection for api requests.

2019-08-24 22:55:35 -05:00

artist_commentaries_controller.rb

Make /artists_versions and /artist_commentaries/search visible to all.

2019-08-15 12:51:51 -05:00

artist_commentary_versions_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

artist_urls_controller.rb

related tags: build html server-side instead of client-side.

2018-10-12 21:18:15 -05:00

artist_versions_controller.rb

users: drop id_to_name, name_to_id caching.

2019-08-18 11:24:42 -05:00

artists_controller.rb

Fix errors on /artists/show_or_new, /wiki_pages/show_or_new pages.

2019-08-22 00:09:50 -05:00

bans_controller.rb

fix tests

2018-05-09 11:59:51 -07:00

bulk_update_requests_controller.rb

BURs: allow only pending BURs to be rejected.

2019-01-15 21:20:28 -06:00

comment_votes_controller.rb

comment votes: fix error handling.

2019-08-19 17:22:36 -05:00

comments_controller.rb

comments: minimize sql queries.

2019-08-20 21:55:25 -05:00

counts_controller.rb

fixes #3936

2018-10-12 15:17:32 -07:00

delayed_jobs_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

dmails_controller.rb

dmails: factor out spam detector service.

2019-08-23 22:38:03 -05:00

dtext_previews_controller.rb

Remove ruby DText implementation (#3206 ).

2017-07-19 16:48:42 -05:00

favorite_group_orders_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

favorite_groups_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

favorites_controller.rb

favorites: fix error handling.

2019-08-13 21:30:20 -05:00

forum_post_votes_controller.rb

Implement forum topic voting and tag change pruning (#3580 )

2018-04-26 15:31:06 -07:00

forum_posts_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

forum_topics_controller.rb

Implement forum topic voting and tag change pruning (#3580 )

2018-04-26 15:31:06 -07:00

ip_bans_controller.rb

Fix #4106 : Allow moderators to IP ban subnets.

2019-08-12 02:12:56 -05:00

iqdb_queries_controller.rb

use image url for iqdb proxy

2018-08-29 20:56:24 -07:00

janitor_trials_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

legacy_controller.rb

Fix exception in legacy /post/index.xml endpoint.

2019-08-12 19:20:33 -05:00

meta_searches_controller.rb

…

mod_actions_controller.rb

/mod_actions: fix N+1 query.

2019-08-19 00:46:31 -05:00

news_updates_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

note_previews_controller.rb

notes: move sanitization from d_text.rb to note_sanitizer.rb.

2017-06-15 22:58:13 -05:00

note_versions_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

notes_controller.rb

users: drop id_to_name, name_to_id caching.

2019-08-18 11:24:42 -05:00

pool_elements_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

pool_orders_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

pool_versions_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

pools_controller.rb

pools/show: fix pagination to respect user's posts-per-page setting.

2019-08-21 14:31:58 -05:00

post_appeals_controller.rb

Fix new dtext shortlinks redirecting to nonexistent pages.

2018-10-25 23:00:43 -05:00

post_approvals_controller.rb

post approvals: add index page + search options (fix #3579 ).

2018-05-05 14:00:49 -05:00

post_events_controller.rb

…

post_flags_controller.rb

Fix new dtext shortlinks redirecting to nonexistent pages.

2018-10-25 23:00:43 -05:00

post_replacements_controller.rb

posts/show: load flag/appeal/replacement dialogs via ajax (#3922 ).

2018-09-26 20:01:14 -05:00

post_versions_controller.rb

add RequestStore gem, support universal only param for api endpoints (fixes #4068 )

2019-04-17 12:00:42 -07:00

post_votes_controller.rb

post votes: fix error handling.

2019-08-13 21:30:20 -05:00

posts_controller.rb

posts/show: fix thresholded comments not being hidden on pageload.

2019-08-22 16:40:45 -05:00

recommended_posts_controller.rb

fix self check for rec posts

2018-07-21 14:35:24 -07:00

related_tags_controller.rb

Fix #4035 : The Related Tag JSON endpoint is returning the wrong information

2019-01-07 13:30:10 -06:00

reports_controller.rb

remove similar users report

2018-08-03 17:40:00 -07:00

saved_searches_controller.rb

continue refactoring savedsearch

2018-11-15 12:06:13 -08:00

sessions_controller.rb

session controller: remove dead session[:previous_uri] cookie.

2019-08-08 14:00:46 -05:00

sources_controller.rb

Render "Fetch source data" box html server-side.

2018-09-08 15:42:16 -05:00

static_controller.rb

Remove unused terms of service banner.

2019-08-14 01:46:44 -05:00

tag_alias_requests_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

tag_aliases_controller.rb

aliases, implications: fix N+1 query in listing pages.

2019-08-09 00:05:50 -05:00

tag_corrections_controller.rb

tag corrections: remove distributed cache logic (#3943 ).

2018-10-04 13:46:10 -05:00

tag_implication_requests_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

tag_implications_controller.rb

aliases, implications: fix N+1 query in listing pages.

2019-08-09 00:05:50 -05:00

tags_controller.rb

Adds fuzzy string matching and prefix matching

2018-08-28 16:41:52 -07:00

uploads_controller.rb

related tags: eliminate recent_tags cookie (#3955 ).

2018-10-12 21:20:06 -05:00

user_feedbacks_controller.rb

Add user permissions for flagging and for giving user feedback

2018-12-11 17:08:31 -08:00

user_name_change_requests_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

user_reverts_controller.rb

Raise error on unpermitted params.

2018-04-06 18:09:57 -07:00

user_upgrades_controller.rb

fix: #4022 Gifting someone a gold account shows "You are now a Builder level account."

2018-12-19 15:19:00 -08:00

users_controller.rb

users: fix error handling for /users?name=<does_not_exist>.

2019-08-21 23:32:34 -05:00

wiki_page_versions_controller.rb

rails 5: replace redirect_to :back with redirect_back

2018-04-28 12:24:36 -05:00

wiki_pages_controller.rb

Fix errors on /artists/show_or_new, /wiki_pages/show_or_new pages.

2019-08-22 00:09:50 -05:00