controllers: use default Rails settings for protecting against forgery
Rails uses `config.action_controller.allow_forgery_protection` to enable or disable forgery protection globaly. This is disabled for tests by default. So our custom config is not required.
This commit is contained in:
parent
5908b8019a
commit
a99a6cc49f
1 changed files with 0 additions and 3 deletions
|
@ -5,9 +5,6 @@ class ApplicationController < ActionController::Base
|
||||||
|
|
||||||
MAINTENANCE_MESSAGE = 'Le site est actuellement en maintenance. Il sera à nouveau disponible dans un court instant.'
|
MAINTENANCE_MESSAGE = 'Le site est actuellement en maintenance. Il sera à nouveau disponible dans un court instant.'
|
||||||
|
|
||||||
# Prevent CSRF attacks by raising an exception.
|
|
||||||
# For APIs, you may want to use :null_session instead.
|
|
||||||
protect_from_forgery with: :exception, if: -> { !Rails.env.test? }
|
|
||||||
before_action :set_current_roles
|
before_action :set_current_roles
|
||||||
before_action :set_sentry_user
|
before_action :set_sentry_user
|
||||||
before_action :redirect_if_untrusted
|
before_action :redirect_if_untrusted
|
||||||
|
|
Loading…
Reference in a new issue