Closed dwightwatson closed 6 years ago
Just noticed this in the new_framework_defaults_5_2.rb
file that ships with Rails 5.2.0, so I suspect this issue was introduced in this new version.
# Add default protection from forgery to ActionController::Base instead of in
# ApplicationController.
# Rails.application.config.action_controller.default_protect_from_forgery = true
Can confirm this, seeing the same here, even with
Rails.application.config.action_controller.default_protect_from_forgery = false
I do not have a griddler
instance in production on any Rails v5 applications. If someone can fix this and push a PR that'd be awesome. Otherwise, not sure I'm going to have time anytime soon to look into it.
Made a quick PR for this - the build is failing but looks like master
was already failing anyway.
When setting up Griddler with a Rails 5.2.0 app it's expecting the CSRF token to be provided with the request. I'm not sure if this was an issue introduced by this release of Rails but I can't find other references to it on this repo.
I've subclassed the controller in order to add the
skip_before_action
to get it working - but is this something you would consider adding to the gem itself?