Branch: refs/heads/master Home: https://github.com/aeolus-incubator/tim Commit: b1a5b057b894d03eec624c7665d49ac2071b92d4 https://github.com/aeolus-incubator/tim/commit/b1a5b057b894d03eec624c7665d49... Author: Jan Provaznik jprovazn@redhat.com Date: 2012-12-14 (Fri, 14 Dec 2012)
Changed paths: M app/controllers/tim/application_controller.rb
Log Message: ----------- Removed protect_from_forgery before_filter
I think it's OK to leave responsibility/decision if this filter should be used or not on application which includes Tim engine. protect_from_forgery filter is usually set for all application controllers (in ApplicationController). Adding this filter again in Tim's controller implies that this filter is called twice during executing filter chain.
This filter resets session, impact for Conductor is that then for requests which uses http auth basic is session not set.
Commit: f95abb412dde201dc39565c60a490915e9acd973 https://github.com/aeolus-incubator/tim/commit/f95abb412dde201dc39565c60a490... Author: mtaylor mtaylor@redhat.com Date: 2012-12-14 (Fri, 14 Dec 2012)
Changed paths: M app/controllers/tim/application_controller.rb
Log Message: ----------- Merge pull request #79 from jprovaznik/forgery
Removed protect_from_forgery before_filter
Compare: https://github.com/aeolus-incubator/tim/compare/c5fd353c825a...f95abb412dde
aeolus-devel@lists.fedorahosted.org