grantonthenet
/
microblog
forked from berserker/microblog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access (#19803)

Browse Source 
New environment variable `DISALLOW_UNAUTHENTICATED_API_ACCESS`
main^2
Eugen Rochko 2 years ago committed by GitHub
parent d0c9ac3919
commit 3a41fccc43
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      app/controllers/api/base_controller.rb

2
app/controllers/api/base_controller.rb
Unescape View File

@ -133,7 +133,7 @@ class Api::BaseController < ApplicationController
end
def disallow_unauthenticated_api_access?
authorized_fetch_mode?
ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.whitelist_mode
end
private

Write Preview
Loading…
Cancel
Save