merge from master (post-CSRF changes)

author: Seb Bacon <seb.bacon@gmail.com> 2011-03-09 14:58:30 +0000
committer: Seb Bacon <seb.bacon@gmail.com> 2011-03-09 14:58:30 +0000
commit: b4585af18e9c3a033f6cfe27213f0575af795a66 (patch)
tree: 996efa1487ac0d8cb7e4f53ee6478ad625b9d27d /app/controllers/request_controller.rb
parent: 224b8a4ba3a24af91068505c7907724448a4096d (diff)
parent: 4cc2cf2a6d935adfd263ea4fd7791a6d84f704da (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 545a40cfe..36fbc2b11 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -7,7 +7,8 @@
 # $Id: request_controller.rb,v 1.192 2009-10-19 19:26:40 francis Exp $
 
 class RequestController < ApplicationController
-    before_filter :check_read_only, :only => [ :new, :show_response, :describe_state ]
+    before_filter :check_read_only, :only => [ :new, :show_response, :describe_state, :upload_response ]
+    protect_from_forgery :only => [ :new, :show_response, :describe_state, :upload_response ] # See ActionController::RequestForgeryProtection for details
     
     def show
         # Look up by old style numeric identifiers
author	Seb Bacon <seb.bacon@gmail.com>	2011-03-09 14:58:30 +0000
committer	Seb Bacon <seb.bacon@gmail.com>	2011-03-09 14:58:30 +0000
commit	b4585af18e9c3a033f6cfe27213f0575af795a66 (patch)
tree	996efa1487ac0d8cb7e4f53ee6478ad625b9d27d /app/controllers/request_controller.rb
parent	224b8a4ba3a24af91068505c7907724448a4096d (diff)
parent	4cc2cf2a6d935adfd263ea4fd7791a6d84f704da (diff)