Add authenticity_token: true to multipart forms

Rails 4 does not generate token by default It fixes bug when you get to sign-in page after trying to upload image with comment Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-12 19:05:21 +02:00 · 2013-12-12 19:05:21 +02:00 · 9b7b27ce72
parent c959143ed7
commit 9b7b27ce72
3 changed files with 3 additions and 3 deletions
--- a/app/views/profiles/show.html.haml
+++ b/app/views/profiles/show.html.haml
@ -8,7 +8,7 @@



-= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" }  do |f|
+= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" }, authenticity_token: true do |f|
  -if @user.errors.any?
    %div.alert.alert-error
      %ul
--- a/app/views/projects/notes/_form.html.haml
+++ b/app/views/projects/notes/_form.html.haml
@ -1,4 +1,4 @@
-= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" } do |f|
+= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" }, authenticity_token: true do |f|

  = note_target_fields
  = f.hidden_field :commit_id
--- a/app/views/projects/walls/show.html.haml
+++ b/app/views/projects/walls/show.html.haml
@ -3,7 +3,7 @@

  - if can? current_user, :write_note, @project
    .note-form-holder
-      = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" } do |f|
+      = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" }, authenticity_token: true do |f|
        = note_target_fields
        .note_text_and_preview
          = f.text_area :note, size: 255, class: 'note_text js-note-text js-gfm-input turn-on'