tildeverse
/
tilde.news
mirror of https://github.com/tildeverse/lobsters
5
3
Fork 3
Code Issues 2 Releases Wiki Activity

revert cookie change for csrf issue

This commit is contained in:
Peter Bhat Harkins 2023-10-07 07:18:10 -05:00
parent d13c6c4676
commit 3c22b187bf
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/controllers/application_controller.rb
View File

@ -10,7 +10,9 @@ class ApplicationController < ActionController::Base
before_action :prepare_exception_notifier
before_action :set_traffic_style
after_action :clear_lobster_trap
# 2023-10-07 one user in one of their browser envs is getting a CSRF failure, I'm reverting
# because I'll be AFK a while.
# after_action :clear_lobster_trap
# match this nginx config for bypassing the file cache
TAG_FILTER_COOKIE = :tag_filters
@ -67,6 +69,7 @@ class ApplicationController < ActionController::Base
def clear_lobster_trap
key = Rails.application.config.session_options[:key] # "lobster_trap"
cookies.delete(key) if @user.blank?
# this probably should test session.empty? && controller...
request.session_options[:skip] = @user.blank? && controller_name != "login"
end