diff --git a/app/views/user/_contact.html.erb b/app/views/user/_contact.html.erb
index 9bac0dc2d..2418ed24c 100644
--- a/app/views/user/_contact.html.erb
+++ b/app/views/user/_contact.html.erb
@@ -33,9 +33,9 @@
<%= link_to t('user.view.send message'), :controller => 'message', :action => 'new', :display_name => contact.display_name %>
|
<% if @user.is_friends_with?(contact) %>
- <%= link_to t('user.view.remove as friend'), :controller => 'user', :action => 'remove_friend', :display_name => contact.display_name, :referer => request.fullpath %>
+ <%= link_to t('user.view.remove as friend'), :controller => 'user', :action => 'remove_friend', :display_name => contact.display_name, :referer => request.fullpath, :method => :post %>
<% else %>
- <%= link_to t('user.view.add as friend'), :controller => 'user', :action => 'make_friend', :display_name => contact.display_name, :referer => request.fullpath %>
+ <%= link_to t('user.view.add as friend'), :controller => 'user', :action => 'make_friend', :display_name => contact.display_name, :referer => request.fullpath, :method => :post %>
<% end %>
diff --git a/app/views/user/view.html.erb b/app/views/user/view.html.erb
index f8af1fccf..70e4f1828 100644
--- a/app/views/user/view.html.erb
+++ b/app/views/user/view.html.erb
@@ -39,9 +39,9 @@
<%= link_to t('user.view.comments'), :controller => 'diary_entry', :action => 'comments', :display_name => @this_user.display_name %>
|
<% if @user and @user.is_friends_with?(@this_user) %>
- <%= link_to t('user.view.remove as friend'), :controller => 'user', :action => 'remove_friend', :display_name => @this_user.display_name %>
+ <%= link_to t('user.view.remove as friend'), :controller => 'user', :action => 'remove_friend', :display_name => @this_user.display_name, :method => :post %>
<% else %>
- <%= link_to t('user.view.add as friend'), :controller => 'user', :action => 'make_friend', :display_name => @this_user.display_name %>
+ <%= link_to t('user.view.add as friend'), :controller => 'user', :action => 'make_friend', :display_name => @this_user.display_name, :method => :post %>
<% end %>
<% if @this_user.blocks.exists? %>
|
diff --git a/config/routes.rb b/config/routes.rb
index 6b8164537..c5119b945 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -174,8 +174,8 @@ OpenStreetMap::Application.routes.draw do
# user pages
match '/user/:display_name' => 'user#view', :via => :get, :as => "user"
- match '/user/:display_name/make_friend' => 'user#make_friend', :via => :get
- match '/user/:display_name/remove_friend' => 'user#remove_friend', :via => :get
+ match '/user/:display_name/make_friend' => 'user#make_friend', :via => :post
+ match '/user/:display_name/remove_friend' => 'user#remove_friend', :via => :post
match '/user/:display_name/account' => 'user#account', :via => [:get, :post]
match '/user/:display_name/set_status' => 'user#set_status', :via => :get, :as => :set_status_user
match '/user/:display_name/delete' => 'user#delete', :via => :get, :as => :delete_user
diff --git a/test/functional/user_controller_test.rb b/test/functional/user_controller_test.rb
index 4379a1d49..e85308183 100644
--- a/test/functional/user_controller_test.rb
+++ b/test/functional/user_controller_test.rb
@@ -140,11 +140,11 @@ class UserControllerTest < ActionController::TestCase
)
assert_routing(
- { :path => "/user/username/make_friend", :method => :get },
+ { :path => "/user/username/make_friend", :method => :post },
{ :controller => "user", :action => "make_friend", :display_name => "username" }
)
assert_routing(
- { :path => "/user/username/remove_friend", :method => :get },
+ { :path => "/user/username/remove_friend", :method => :post },
{ :controller => "user", :action => "remove_friend", :display_name => "username" }
)