From 7068571b286f8f61bdc4f81ca53fb5ee5b7a2681 Mon Sep 17 00:00:00 2001
From: Neil Smith <neil.git@njae.me.uk>
Date: Fri, 17 Jan 2014 18:41:31 +0000
Subject: [PATCH] Tweaked the controller to use 'protect_from_forgery' properly

---
 app/controllers/application_controller.rb | 3 ++-
 app/controllers/feed_controller.rb        | 5 ++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d83690e..840f64a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,5 +1,6 @@
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
-  protect_from_forgery with: :exception
+  # protect_from_forgery with: :exception
+  protect_from_forgery with: :null_session
 end
diff --git a/app/controllers/feed_controller.rb b/app/controllers/feed_controller.rb
index 41e357a..2fd0bd6 100644
--- a/app/controllers/feed_controller.rb
+++ b/app/controllers/feed_controller.rb
@@ -1,9 +1,8 @@
 class FeedController < ApplicationController
   
-  skip_before_filter :verify_authenticity_token
+  # skip_before_filter :verify_authenticity_token
 
   def index
-    # @feeds = FeedItem.find(:all, :select => 'DISTINCT feed_name')
     @feeds = FeedItem.select(:feed_name).distinct
     respond_to do |format|
       format.html
@@ -17,7 +16,7 @@ class FeedController < ApplicationController
       @feed_name = params[:feed_name]
       @feed_items = FeedItem.in_feed(@feed_name)
       respond_to do |format|
-        if @feed_items == []
+        if @feed_items.empty?
           flash[:notice] = "No items in feed #{@feed_name}"
           format.html { redirect_to index_path }
           format.rss  { render :layout => false }
-- 
2.43.0