[bbb-greenlight: 5/18] More work to fix CSRF issue on join (#2043)

From: Bartłomiej Piotrowski <bpiotrowski src gnome org>
To: commits-list gnome org
Cc:
Subject: [bbb-greenlight: 5/18] More work to fix CSRF issue on join (#2043)
Date: Fri, 18 Sep 2020 06:13:00 +0000 (UTC)


commit e2bfdef9671c2e2888940e55872e839cacd17baa
Author: Ahmad Farhat <ahmad af farhat gmail com>
Date:   Wed Aug 26 10:20:50 2020 -0400

    More work to fix CSRF issue on join (#2043)

 app/controllers/rooms_controller.rb | 1 +
 1 file changed, 1 insertion(+)
---
diff --git a/app/controllers/rooms_controller.rb b/app/controllers/rooms_controller.rb
index a67ce13..be09e6e 100644
--- a/app/controllers/rooms_controller.rb
+++ b/app/controllers/rooms_controller.rb
@@ -33,6 +33,7 @@ class RoomsController < ApplicationController
                 unless: -> { !Rails.configuration.enable_email_verification }
   before_action :verify_room_owner_valid, only: [:show, :join]
   before_action :verify_user_not_admin, only: [:show]
+  skip_before_action :verify_authenticity_token, only: [:join]
 
   # POST /
   def create

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]