kill forgery protection until page caching token nonsense is sorted out

nakajima · Jul 21, 2008 · 85facf4 · 85facf4
1 parent 608616d
commit 85facf4
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/app/controllers/application.rb b/app/controllers/application.rb
@@ -10,7 +10,7 @@ class ApplicationController < ActionController::Base
 
   # See ActionController::RequestForgeryProtection for details
   # Uncomment the :secret if you're not using the cookie session store
-  protect_from_forgery :secret => 'ad5fcf9cf9a6c79ef7b70f6ff02c6fca8e6692d9cd48306a21f27be3e36658f49234fe'
+  # protect_from_forgery :secret => 'ad5fcf9cf9a6c79ef7b70f6ff02c6fca8e6692d9cd48306a21f27be3e36658f49234fe'
 
   def expire_path(file)
     file = RAILS_ROOT + '/public' + file

diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb
@@ -1,7 +1,7 @@
 class CommentsController < ApplicationController
   before_filter :login_required, :only => [:update, :destroy]
   before_filter :get_commentable
-  skip_before_filter :verify_authenticity_token, :only => :update
+  # skip_before_filter :verify_authenticity_token, :only => :update
   after_filter :expire_index!, :only => [:create, :update, :destroy]