From 3f5347c2e71b7e45333f27f0a55d9cb052ea91ad Mon Sep 17 00:00:00 2001
From: Noor Syed <noorsyed1a@gmail.com>
Date: Thu, 30 Mar 2023 09:28:14 -0400
Subject: [PATCH] RDISCROWD-5743 task browse bookmarks (add CSRF ignore) (#834)

---
 pybossa/view/account.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/pybossa/view/account.py b/pybossa/view/account.py
index 7c09a6fcf..4c3383051 100644
--- a/pybossa/view/account.py
+++ b/pybossa/view/account.py
@@ -41,7 +41,7 @@
 from flask_babel import gettext
 from flask_wtf.csrf import generate_csrf
 from flask import jsonify
-from pybossa.core import signer, uploader, sentinel, newsletter
+from pybossa.core import signer, uploader, sentinel, newsletter, csrf
 from pybossa.util import Pagination, handle_content_type, admin_required
 from pybossa.util import admin_or_subadmin_required
 from pybossa.util import get_user_signup_method, generate_invitation_email_for_new_user
@@ -1201,6 +1201,7 @@ def _delete_bookmark(user_name, short_name, bookmark_name):
 
 @blueprint.route('/<user_name>/taskbrowse_bookmarks/<short_name>', methods=['GET', 'POST', 'DELETE'])
 @login_required
+@csrf.exempt
 def taskbrowse_bookmarks(user_name, short_name):
     if current_user.name != user_name:
         return abort(404)