From 93db265be7b648fe095d5a92b76c5c7077c72ac2 Mon Sep 17 00:00:00 2001 From: Eugen Date: Sun, 9 Apr 2017 22:21:52 +0200 Subject: [PATCH] Do not store last visited URL from API controllers (#1330) Sign-in redirects you back to last visited URL, but in case of API requests, this sometimes redirected users to an API URL that, of course, greeted them with an {"error":"The access token is invalid"} --- app/controllers/api_controller.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index db16f82e5b..57604f1dc4 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -7,6 +7,7 @@ class ApiController < ApplicationController protect_from_forgery with: :null_session skip_before_action :verify_authenticity_token + skip_before_action :store_current_location before_action :set_rate_limit_headers