mirror of https://github.com/tootsuite/mastodon
62c6e12fa5
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token. |
||
---|---|---|
.. | ||
activitypub | ||
admin | ||
api | ||
auth | ||
concerns | ||
disputes | ||
oauth | ||
settings | ||
well_known | ||
about_controller.rb | ||
account_follow_controller.rb | ||
account_unfollow_controller.rb | ||
accounts_controller.rb | ||
application_controller.rb | ||
authorize_interactions_controller.rb | ||
custom_css_controller.rb | ||
directories_controller.rb | ||
emojis_controller.rb | ||
filters_controller.rb | ||
follower_accounts_controller.rb | ||
following_accounts_controller.rb | ||
health_controller.rb | ||
home_controller.rb | ||
instance_actors_controller.rb | ||
intents_controller.rb | ||
invites_controller.rb | ||
manifests_controller.rb | ||
media_controller.rb | ||
media_proxy_controller.rb | ||
public_timelines_controller.rb | ||
relationships_controller.rb | ||
remote_follow_controller.rb | ||
remote_interaction_controller.rb | ||
shares_controller.rb | ||
statuses_cleanup_controller.rb | ||
statuses_controller.rb | ||
tags_controller.rb |