Tweaked the controller to use 'protect_from_forgery' properly

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d83690e1b9a6bdd8a08754b38231799acefcb2ab..840f64a869d8e9f56d14c3ccb01bf4edab74f199 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,5 +1,6 @@
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
-  protect_from_forgery with: :exception
+  # protect_from_forgery with: :exception
+  protect_from_forgery with: :null_session
 end

diff --git a/app/controllers/feed_controller.rb b/app/controllers/feed_controller.rb
index 41e357a13bb90e0ff7ca0d0cc11f7f240b5a60b6..2fd0bd60064b49552ddf3796bff41acc8eb59dcb 100644 (file)
--- a/app/controllers/feed_controller.rb
+++ b/app/controllers/feed_controller.rb
@@ -1,9 +1,8 @@
 class FeedController < ApplicationController
   
-  skip_before_filter :verify_authenticity_token
+  # skip_before_filter :verify_authenticity_token
 
   def index
-    # @feeds = FeedItem.find(:all, :select => 'DISTINCT feed_name')
     @feeds = FeedItem.select(:feed_name).distinct
     respond_to do |format|
       format.html
@@ -17,7 +16,7 @@ class FeedController < ApplicationController
       @feed_name = params[:feed_name]
       @feed_items = FeedItem.in_feed(@feed_name)
       respond_to do |format|
-        if @feed_items == []
+        if @feed_items.empty?
           flash[:notice] = "No items in feed #{@feed_name}"
           format.html { redirect_to index_path }
           format.rss  { render :layout => false }