Matt-Yorkley f1002b953d Disable Javascript CSRF protection on EnterprisesController#check_permalink route ...

This route checks if an enterprise permalink is taken or not. Allowing the route to be accessed via Javascript without strict CSRF protection is reasonable. Fixes the following errors:

ActionController::InvalidCrossOriginRequest: Security warning: an embedded <script> tag on another site requested protected JavaScript. If you know what you're doing, go ahead and disable forgery protection on this action to permit cross-origin JavaScript embedding.

2020-11-27 13:59:46 +00:00

..

admin

Revert "Move Spree::Admin::BaseController to Admin::BaseController"

2020-11-27 14:11:57 +01:00

api

change from render json to render plain due to template missing issue

2020-11-27 13:59:46 +00:00

concerns

Add user id logging to OrderCycle an Schedule PaperTrail entries

2020-08-15 14:49:08 +01:00

spree

Avoid calling update with nil values

2020-11-27 13:59:46 +00:00

stripe

Rename all before_filter to before_action, it's the same function with a new name

2020-06-22 13:11:57 +01:00

application_controller.rb

Remove temporary debugging helpers added during the Rails 4 upgrade.

2020-09-12 12:25:43 +01:00

base_controller.rb

Remove redundant includes

2020-08-19 10:37:18 +10:00

cart_controller.rb

Fix respond_with error

2020-11-27 13:59:46 +00:00

checkout_controller.rb

move gateway_error require to lib/spree/core.rb

2020-11-10 14:55:56 -08:00

discourse_sso_controller.rb

Rename all before_filter to before_action, it's the same function with a new name

2020-06-22 13:11:57 +01:00

enterprises_controller.rb

Disable Javascript CSRF protection on EnterprisesController#check_permalink route

2020-11-27 13:59:46 +00:00

groups_controller.rb

Update deprecated #find_by_* methods

2020-02-22 11:06:51 +00:00

home_controller.rb

Move unauthorized view to HomeController only, all other calls to unauthorized will go through Auth which will redirect to the home controller IF the user is logged in or to login if user is not logged in

2020-07-15 14:54:52 +01:00

line_items_controller.rb

Rename all before_filter to before_action, it's the same function with a new name

2020-06-22 13:11:57 +01:00

map_controller.rb

Result of rubocop auto-correct and rebuilding rubocop_manual_todo

2019-05-28 12:57:29 +01:00

metal_decorator.rb

Add ActionController::Metal frorm spree_auth_devise for api authentication

2019-07-06 10:50:48 +01:00

producers_controller.rb

Rename all before_filter to before_action, it's the same function with a new name

2020-06-22 13:11:57 +01:00

registration_controller.rb

Rename all before_filter to before_action, it's the same function with a new name

2020-06-22 13:11:57 +01:00

shop_controller.rb

Rename all before_filter to before_action, it's the same function with a new name

2020-06-22 13:11:57 +01:00

shops_controller.rb

Rename all before_filter to before_action, it's the same function with a new name

2020-06-22 13:11:57 +01:00

sitemap_controller.rb

#1027: Use url helpers for basic pages

2017-01-12 10:18:30 +00:00

user_confirmations_controller.rb

Verify the user is confirmed before returning a reset password token

2020-07-31 09:14:07 +01:00

user_passwords_controller.rb

Remove conflicting and duplicate route

2020-07-21 13:27:06 +02:00

user_registrations_controller.rb

Delete spree_user_signup which is from spree promotions code that we dont use

2020-07-15 14:53:35 +01:00