From 9ddfdfff9366793516bc09289a1da6156dfd12ca Mon Sep 17 00:00:00 2001
From: Gareth Rees <gareth@mysociety.org>
Date: Thu, 2 Oct 2014 10:17:07 +0100
Subject: Add global protect_from_forgery
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Grepping the git logs didn’t bring up a good reason for this to be
excluded. Seems like it came along after the app was initially created
so it never got fully added for fear of regressions. The specs pass for this
commit.
---
 app/controllers/admin_controller.rb | 1 -
 1 file changed, 1 deletion(-)

(limited to 'app/controllers/admin_controller.rb')

diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index 3bf40b8f9..7760c372b 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -9,7 +9,6 @@ require 'fileutils'
 class AdminController < ApplicationController
     layout "admin"
     before_filter :authenticate
-    protect_from_forgery # See ActionController::RequestForgeryProtection for details
 
     # action to take if expecting an authenticity token and one isn't received
     def handle_unverified_request
-- 
cgit v1.2.3