From 9ddfdfff9366793516bc09289a1da6156dfd12ca Mon Sep 17 00:00:00 2001
From: Gareth Rees <gareth@mysociety.org>
Date: Thu, 2 Oct 2014 10:17:07 +0100
Subject: Add global protect_from_forgery
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Grepping the git logs didn’t bring up a good reason for this to be
excluded. Seems like it came along after the app was initially created
so it never got fully added for fear of regressions. The specs pass for this
commit.
---
 app/controllers/comment_controller.rb | 1 -
 1 file changed, 1 deletion(-)

(limited to 'app/controllers/comment_controller.rb')

diff --git a/app/controllers/comment_controller.rb b/app/controllers/comment_controller.rb
index 2c0037577..890e9faaa 100644
--- a/app/controllers/comment_controller.rb
+++ b/app/controllers/comment_controller.rb
@@ -10,7 +10,6 @@ class CommentController < ApplicationController
     before_filter :create_track_thing, :only => [ :new ]
     before_filter :reject_unless_comments_allowed, :only => [ :new ]
     before_filter :reject_if_user_banned, :only => [ :new ]
-    protect_from_forgery :only => [ :new ]
 
     def new
         if params[:comment]
-- 
cgit v1.2.3