mirror of
https://github.com/lunaisnotaboy/mastodon.git
synced 2024-11-19 05:13:01 +00:00
62c6e12fa5
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token. |
||
---|---|---|
.. | ||
v1 | ||
v2 | ||
web | ||
base_controller.rb | ||
oembed_controller.rb |