treehouse
/
mastodon
22
8
Fork 5
Code Issues 32 Pull Requests Projects 1 Releases Wiki Activity
mastodon/app/controllers/api/v1
History
Claire 62c6e12fa5
Fix admin API unconditionally requiring CSRF token (#17975) 
Fixes #17898

Since #17204, the admin API has only been available through the web
application because of the unconditional requirement to provide a valid CSRF
token.

This commit changes it back to `null_session`, which should make it work
both with session-based authentication (provided a CSRF token) and with a
bearer token.
 		2022-04-06 20:57:18 +02:00
..
accounts
admin Fix admin API unconditionally requiring CSRF token (#17975) 2022-04-06 20:57:18 +02:00
announcements
apps
crypto
emails
featured_tags
instances
lists
polls
push
statuses
timelines
trends
accounts_controller.rb
announcements_controller.rb
apps_controller.rb
blocks_controller.rb
bookmarks_controller.rb
conversations_controller.rb
custom_emojis_controller.rb
directories_controller.rb
domain_blocks_controller.rb
endorsements_controller.rb
favourites_controller.rb
featured_tags_controller.rb
filters_controller.rb
follow_requests_controller.rb
instances_controller.rb
lists_controller.rb
markers_controller.rb
media_controller.rb
mutes_controller.rb
notifications_controller.rb
polls_controller.rb
preferences_controller.rb
reports_controller.rb
scheduled_statuses_controller.rb
statuses_controller.rb
streaming_controller.rb
suggestions_controller.rb