From 0e09252840c19bcfbd7413edb009683317e23bb8 Mon Sep 17 00:00:00 2001 From: Andy Allan Date: Wed, 27 Mar 2019 11:24:31 +0100 Subject: [PATCH] Check validity token in changesets controller It makes no difference today, but prevents problems in future if methods accepting post requests are added to this controller in future. --- app/controllers/changesets_controller.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/app/controllers/changesets_controller.rb b/app/controllers/changesets_controller.rb index 32d9fd733..3b20130d0 100644 --- a/app/controllers/changesets_controller.rb +++ b/app/controllers/changesets_controller.rb @@ -4,7 +4,6 @@ class ChangesetsController < ApplicationController layout "site" require "xml/libxml" - skip_before_action :verify_authenticity_token, :except => [:index] before_action :authorize_web before_action :set_locale before_action -> { check_database_readable(true) }, :only => [:index, :feed] -- 2.39.5