Disable CSRF for the whole API
This commit is contained in:
parent
2394ff424b
commit
663ec52fea
@ -180,7 +180,7 @@ fn main() {
|
||||
("/@/<name>/inbox".to_owned(), "/@/<name>/inbox".to_owned(), rocket::http::Method::Post),
|
||||
("/login".to_owned(), "/login".to_owned(), rocket::http::Method::Post),
|
||||
("/users/new".to_owned(), "/users/new".to_owned(), rocket::http::Method::Post),
|
||||
("/api/v1/<endpoint>".to_owned(), "/api/v1/<endpoint>".to_owned(), rocket::http::Method::Post)
|
||||
("/api/<path..>".to_owned(), "/api/<path..>".to_owned(), rocket::http::Method::Post)
|
||||
])
|
||||
.finalize().expect("main: csrf fairing creation error"))
|
||||
.launch();
|
||||
|
Loading…
Reference in New Issue
Block a user