changeset 150:88f957e0352b

No need for csrf protection Because there's no cookies/session to be protected.
author Edho Arief <edho@myconan.net>
date Mon, 26 Nov 2012 21:52:43 +0700
parents f5614a89ce49
children db5164ff73a9
files app/views/layouts/application.html.erb app/views/pastes/show.html.erb
diffstat 2 files changed, 0 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/app/views/layouts/application.html.erb	Mon Nov 26 21:51:20 2012 +0700
+++ b/app/views/layouts/application.html.erb	Mon Nov 26 21:52:43 2012 +0700
@@ -5,9 +5,6 @@
     <title><%= html_title %></title>
     <%= stylesheet_link_tag    "application", :media => "all" %>
     <%= javascript_include_tag "application" %>
-    <% unless @skip_csrf %>
-      <%= csrf_meta_tags %>
-    <% end %>
   </head>
   <body>
 
--- a/app/views/pastes/show.html.erb	Mon Nov 26 21:51:20 2012 +0700
+++ b/app/views/pastes/show.html.erb	Mon Nov 26 21:52:43 2012 +0700
@@ -1,5 +1,4 @@
 <% provide :title, "Paste ##{@paste.id}" %>
-<% @skip_csrf = true %>
 <div class="page-header">
   <h1><%= content_for :title %></h1>
 </div>