0
0
instrumental/app/controllers/api
Patrick Figel 537d2939b1 Suppress CSRF token warnings (#6240)
CSRF token checking was enabled for API controllers in #6223,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.

This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
2018-01-15 06:51:23 +01:00
..
v1 Represent numbers by strings in instance activity API (#6198) 2018-01-05 22:38:33 +01:00
web Suppress CSRF token warnings (#6240) 2018-01-15 06:51:23 +01:00
base_controller.rb Refactor /api/web APIs to use the centralized axios instance (#6223) 2018-01-08 20:01:33 +01:00
oembed_controller.rb Update status embeds (#4742) 2017-08-30 10:23:43 +02:00
push_controller.rb Fix #2672 - Connect signed PuSH subscription requests to instance domain (#4205) 2017-07-14 23:01:20 +02:00
salmon_controller.rb Fix HTTP responses for salmon and ActivityPub inbox processing (#5200) 2017-10-03 23:21:19 +02:00
subscriptions_controller.rb HTTP signatures (#4146) 2017-07-14 20:41:49 +02:00