Closed makyen closed 6 years ago
The filters page indicates that:
it's possible to generate your own filters on the fly
which suggests that you should be able to do it via API request. Possibly some sort of authentication bug?
@ArtOfCode- Any idea what this is about? It's like it completely ignores the skip_before_action
.
@Undo1 does your commit not fix it?
It didn't, @ArtOfCode-. Deployed it and tested with the repro JS, same error. Reverted now.
bc49db7d0da690269cfb26fff9bce33f27882d50 (above) appears to fix it... don't know why this didn't work when @Undo1 tried, but calling this fixed - reopen if not.
The following POST request results in an "InvalidAuthenticityToken" error (screenshot) when it's sent from a script running in a page from domains other than https://metasmoke.erwaysoftware.com/ (e.g. https://chat.stackexchange.com or https://stackoverflow.com).
This was initially encountered when trying to POST to this route from FIRE and passing FIRE's
key
and a validtoken
(the token works fine to submit feedback and flag). This can be tested from a chat page where FIRE runs with the following command: