From: Andy Allan <git@gravitystorm.co.uk>
Date: Wed, 2 Aug 2017 13:58:03 +0000 (+0100)
Subject: Avoid passing the current_user.id when commenting
X-Git-Tag: live~4066^2~107
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/980422533d315d623c0a880721e0f8a91c5ec19f?hp=980422533d315d623c0a880721e0f8a91c5ec19f

Avoid passing the current_user.id when commenting

Doing so doesn't appear to be necessary, and it opens up a spoofing
hole if it's actually used.
---