fix #1138 where openid login was broken because of csrf changes in rails

2025-12-25 11:38:49 +01:00 · 2011-04-14 12:52:41 +02:00 · 2011-04-14 12:52:41 +02:00 · 52acf17270
commit 52acf17270
parent c6e1760278
1 changed files with 1 additions and 1 deletions
--- a/app/controllers/login_controller.rb
+++ b/app/controllers/login_controller.rb
@ -7,7 +7,7 @@ class LoginController < ApplicationController
  before_filter :login_optional
  before_filter :get_current_user

-  protect_from_forgery :except => :check_expiry
+  protect_from_forgery :except => [:check_expiry, :login]

  if ( SITE_CONFIG['authentication_schemes'].include? 'cas')
    # This will allow the user to view the index page without authentication