From: Andy Allan <git@gravitystorm.co.uk>
Date: Wed, 27 Mar 2019 10:24:31 +0000 (+0100)
Subject: Check validity token in changesets controller
X-Git-Tag: live~2745^2
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/0e09252840c19bcfbd7413edb009683317e23bb8?hp=c82fdf8e0fd4e5a8f2d831592d5e1fe13e1fe558

Check validity token in changesets controller

It makes no difference today, but prevents problems in future if
methods accepting post requests are added to this controller in future.
---

diff --git a/app/controllers/changesets_controller.rb b/app/controllers/changesets_controller.rb
index 32d9fd733..3b20130d0 100644
--- a/app/controllers/changesets_controller.rb
+++ b/app/controllers/changesets_controller.rb
@@ -4,7 +4,6 @@ class ChangesetsController < ApplicationController
   layout "site"
   require "xml/libxml"
 
-  skip_before_action :verify_authenticity_token, :except => [:index]
   before_action :authorize_web
   before_action :set_locale
   before_action -> { check_database_readable(true) }, :only => [:index, :feed]