mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

switch to runFormPostNoToken to work around strange yesod bug

Browse source 
I am not happy about disabling yesod's XSRF tokens, but the webapp has two
guards of its own that should suffice: Listening only to localhost
(normally) and requiring its own auth token on every single request
(always).
This commit is contained in:
Joey Hess 2013-10-14 12:19:11 -04:00
parent ce2f461ec7
commit 267f8b0bb5
11 changed files with 20 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Assistant/WebApp/Configurators/Edit.hs
View file

@ -181,7 +181,7 @@ editForm new uuid = page "Edit repository" (Just Configuration) $ do
curr <- liftAnnex $ getRepoConfig uuid mremote
liftAnnex $ checkAssociatedDirectory curr mremote
((result, form), enctype) <- liftH $
runFormPost $ renderBootstrap $ editRepositoryAForm (isNothing mremote) curr
runFormPostNoToken $ renderBootstrap $ editRepositoryAForm (isNothing mremote) curr
case result of
FormSuccess input -> liftH $ do
setRepoConfig uuid mremote curr input