check scrf param replace

Andrey Karpikov
1 parent d6c46194
Showing 2 changed files with 7 additions and 7 deletions
app/controllers/kanjai/pages_controller.rb
lib/kanjai/version.rb
--- a/app/controllers/kanjai/pages_controller.rb
View file @e8f9a5d
+++ b/app/controllers/kanjai/pages_controller.rb
View file @e8f9a5d
@@ -99,8 +99,8 @@ module Kanjai
 
       session[:scheme] = 'http://'
 
-      layer.gsub!('<meta name="csrf-param" content="###CSRF_PARAM###"/>', '')
-      layer.gsub!('<meta name="csrf-token" content="###CSRF_TOKEN###"/>', '')
+      #layer.gsub!('<meta name="csrf-param" content="###CSRF_PARAM###"/>', '')
+      #layer.gsub!('<meta name="csrf-token" content="###CSRF_TOKEN###"/>', '')
 
       domain.page_langs.each do |item|
         if item.code.to_s != I18n.locale.to_s
@@ -191,13 +191,13 @@ module Kanjai
             end
             layer.gsub!(marker, content)
           when '###CSRF_PARAM###'
-            if current_admin_user || (class_exists?('UserSession') && UserSession.current_user)
+            #if current_admin_user || (class_exists?('UserSession') && UserSession.current_user)
               layer.gsub!(marker, Rack::Utils.escape_html(request_forgery_protection_token))
-            end
+            #end
           when '###CSRF_TOKEN###'
-            if current_admin_user || (class_exists?('UserSession') && UserSession.current_user)
+            #if current_admin_user || (class_exists?('UserSession') && UserSession.current_user)
               layer.gsub!(marker, Rack::Utils.escape_html(form_authenticity_token))
-            end
+            #end
           when '###DOMAIN_NAME###'
             layer.gsub!(marker, session[:scheme] + ADMIN_CONFIG['domain_name'])
           when '###INCLUDE_JS_FILE###'
--- a/lib/kanjai/version.rb
View file @e8f9a5d
+++ b/lib/kanjai/version.rb
View file @e8f9a5d
 module Kanjai
-  VERSION = "0.0.374"
+  VERSION = "0.0.375"
 end