From 663ec52feacf879b8f99b01afb1dc7d7439d84ac Mon Sep 17 00:00:00 2001
From: Baptiste Gelez <baptiste@gelez.xyz>
Date: Mon, 22 Oct 2018 14:36:44 +0100
Subject: [PATCH] Disable CSRF for the whole API

---
 src/main.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main.rs b/src/main.rs
index cfa8c87b..e7cfffdd 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -180,7 +180,7 @@ fn main() {
                     ("/@/<name>/inbox".to_owned(), "/@/<name>/inbox".to_owned(), rocket::http::Method::Post),
                     ("/login".to_owned(), "/login".to_owned(), rocket::http::Method::Post),
                     ("/users/new".to_owned(), "/users/new".to_owned(), rocket::http::Method::Post),
-                    ("/api/v1/<endpoint>".to_owned(), "/api/v1/<endpoint>".to_owned(), rocket::http::Method::Post)
+                    ("/api/<path..>".to_owned(), "/api/<path..>".to_owned(), rocket::http::Method::Post)
                 ])
                 .finalize().expect("main: csrf fairing creation error"))
         .launch();