Browse Source

Removed forgery protection from email confirmation page

development
Godwin 9 years ago
parent
commit
553496d51d
  1. 2
      app/controllers/application_controller.rb
  2. 2
      app/views/application/_login_confirm.html.haml

2
app/controllers/application_controller.rb

@ -6,7 +6,7 @@ end
class ApplicationController < LinguaFrancaApplicationController class ApplicationController < LinguaFrancaApplicationController
# Prevent CSRF attacks by raising an exception. # Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead. # For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception protect_from_forgery with: :exception, :except => [:do_confirm]
before_filter :capture_page_info before_filter :capture_page_info

2
app/views/application/_login_confirm.html.haml

@ -2,7 +2,7 @@
= columns(medium: 12) do = columns(medium: 12) do
%h2=_'articles.permission_denied.headings.confirm_email','Please confirm your email address' %h2=_'articles.permission_denied.headings.confirm_email','Please confirm your email address'
= columns(medium: 6, large: 5) do = columns(medium: 6, large: 5) do
= form_tag :do_confirm do = form_tag :do_confirm, :authenticity_token => false do
.email-field.input-field .email-field.input-field
= email_field_tag :email, nil, required: true = email_field_tag :email, nil, required: true
= label_tag :email = label_tag :email

Loading…
Cancel
Save