Defect #37030 ยป 37030.patch
| app/controllers/mail_handler_controller.rb | ||
|---|---|---|
| 22 | 22 | |
| 23 | 23 |
before_action :check_credential |
| 24 | 24 | |
| 25 |
# Requests from rdm-mailhandler.rb don't contain CSRF tokens |
|
| 26 |
skip_before_action :verify_authenticity_token |
|
| 27 | ||
| 25 | 28 |
# Displays the email submission form |
| 26 | 29 |
def new |
| 27 | 30 |
end |
| test/functional/mail_handler_controller_test.rb | ||
|---|---|---|
| 170 | 170 |
end |
| 171 | 171 |
assert_response :success |
| 172 | 172 |
end |
| 173 | ||
| 174 |
def test_should_skip_verify_authenticity_token |
|
| 175 |
ActionController::Base.allow_forgery_protection = true |
|
| 176 |
assert_nothing_raised {test_should_create_issue}
|
|
| 177 |
ensure |
|
| 178 |
ActionController::Base.allow_forgery_protection = false |
|
| 179 |
end |
|
| 173 | 180 |
end |