Fix loading ActiveStorage::DiskController when CSRF protection is disabled by default

author: George Claghorn <george@basecamp.com> 2017-11-21 14:59:30 -0500
committer: George Claghorn <george@basecamp.com> 2017-11-21 14:59:30 -0500
commit: 4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6 (patch)
tree: 50f5614e078d58ff0292e26fde8eed70b5931eda /activestorage/app
parent: 3fa812615a28f9c6392c433f3b08c41c5efb999f (diff)
download: rails-4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6.tar.gz
rails-4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6.tar.bz2
rails-4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/activestorage/app/controllers/active_storage/disk_controller.rb b/activestorage/app/controllers/active_storage/disk_controller.rb
index 8caecfff49..a7e10c0696 100644
--- a/activestorage/app/controllers/active_storage/disk_controller.rb
+++ b/activestorage/app/controllers/active_storage/disk_controller.rb
@@ -5,7 +5,7 @@
 # Always go through the BlobsController, or your own authenticated controller, rather than directly
 # to the service url.
 class ActiveStorage::DiskController < ActionController::Base
-  skip_forgery_protection
+  skip_forgery_protection if default_protect_from_forgery
 
   def show
     if key = decode_verified_key
author	George Claghorn <george@basecamp.com>	2017-11-21 14:59:30 -0500
committer	George Claghorn <george@basecamp.com>	2017-11-21 14:59:30 -0500
commit	4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6 (patch)
tree	50f5614e078d58ff0292e26fde8eed70b5931eda /activestorage/app
parent	3fa812615a28f9c6392c433f3b08c41c5efb999f (diff)
download	rails-4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6.tar.gz rails-4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6.tar.bz2 rails-4d5f0bb30b5ac76407c9864b83b69b8a83ac3dd6.zip