impress/app/views
Matchu 5cec28e29b fix logout bug: stop caching authenticity_token fields
Many forms on the site contain a hidden authenticity_token field,
unique to each visitory. If a user submits a request with an
invalid authenticity_token, Rails assumes that it's a CSRF attempt
and logs out the user. So, if we happen to cache those forms with
authenticity_token fields, all users who use that form will have
the same authenticity_token (valid for only the first user who
saw the form, invalid for everyone else), and all requests made
through that form will log out the user. Bad news.

So, we stopped caching those forms. Yay!
2012-08-07 17:32:51 -04:00
..
broken_image_reports carrierwave for asset swfs 2012-07-16 16:45:26 -04:00
closet_hangers filter lists on petpage export 2012-04-08 15:59:51 -05:00
closet_lists hide list description on drag-n-drop 2011-07-30 23:07:58 -04:00
contributions give user paths a canonical tag 2011-07-26 18:56:14 -04:00
items oops. accidentally used trading post url for auctions. fixed 2012-05-23 20:12:17 -04:00
layouts add thumbnails to outfits#show via open graph 2012-07-29 16:45:12 -04:00
neopets_pages import sdb as well as closet 2011-08-02 22:42:56 -04:00
neopets_users import items from pets 2011-08-03 11:35:06 -04:00
outfits fix logout bug: stop caching authenticity_token fields 2012-08-07 17:32:51 -04:00
pets fix logout bug: stop caching authenticity_token fields 2012-08-07 17:32:51 -04:00
sitemap dynamic robots.txt to refer to sitemap.xml 2011-05-20 20:59:35 -04:00
static oops, remove maintenance message 2012-01-26 13:30:12 -06:00
users top contributors 2010-11-06 12:15:10 -04:00