Add authenticity_token: true to multipart forms

Rails 4 does not generate token by default It fixes bug when you get to sign-in page after trying to upload image with comment Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Add authenticity_token: true to multipart forms
Rails 4 does not generate token by default It fixes bug when you get to sign-in page after trying to upload image with comment Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Dmitriy Zaporozhets
1 parent c959143e
Showing 3 changed files with 3 additions and 3 deletions Show diff stats
app/views/profiles/show.html.haml
app/views/projects/notes/_form.html.haml
app/views/projects/walls/show.html.haml
@@ -8,7 +8,7 @@
-= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" }  do |f|
+= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" }, authenticity_token: true do |f|
   -if @user.errors.any?
     %div.alert.alert-error
       %ul
-= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" } do |f|
+= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" }, authenticity_token: true do |f|
   = note_target_fields
   = f.hidden_field :commit_id
@@ -3,7 +3,7 @@
   - if can? current_user, :write_note, @project
     .note-form-holder
-      = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" } do |f|
+      = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" }, authenticity_token: true do |f|
         = note_target_fields
         .note_text_and_preview
           = f.text_area :note, size: 255, class: 'note_text js-note-text js-gfm-input turn-on'
	@@ -8,7 +8,7 @@		@@ -8,7 +8,7 @@
8		8
9		9
10		10
11	-= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" } do \|f\|	11	+= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" }, authenticity_token: true do \|f\|
12	-if @user.errors.any?	12	-if @user.errors.any?
13	%div.alert.alert-error	13	%div.alert.alert-error
14	%ul	14	%ul
1	-= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" } do \|f\|	1	+= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" }, authenticity_token: true do \|f\|
2		2
3	= note_target_fields	3	= note_target_fields
4	= f.hidden_field :commit_id	4	= f.hidden_field :commit_id
	@@ -3,7 +3,7 @@		@@ -3,7 +3,7 @@
3		3
4	- if can? current_user, :write_note, @project	4	- if can? current_user, :write_note, @project
5	.note-form-holder	5	.note-form-holder
6	- = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" } do \|f\|	6	+ = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" }, authenticity_token: true do \|f\|
7	= note_target_fields	7	= note_target_fields
8	.note_text_and_preview	8	.note_text_and_preview
9	= f.text_area :note, size: 255, class: 'note_text js-note-text js-gfm-input turn-on'	9	= f.text_area :note, size: 255, class: 'note_text js-note-text js-gfm-input turn-on'