mirror of
				https://github.com/lunaisnotaboy/mastodon.git
				synced 2025-10-24 15:15:07 +00:00 
			
		
		
		
	CSRF token checking was enabled for API controllers in #6223, producing "Can't verify CSRF token authenticity" log spam. This disables logging of failed CSRF checks. This also changes the protection strategy for PushSubscriptionsController to use exceptions, making it consistent with other controllers that use sessions.
		
			
				
	
	
		
			4 lines
		
	
	
		
			90 B
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			4 lines
		
	
	
		
			90 B
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| # frozen_string_literal: true
 | |
| 
 | |
| ActionController::Base.log_warning_on_csrf_failure = false
 |