diff options
| -rw-r--r-- | lib/api/helpers.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 8b8c4eb4d46..281a8f13531 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -25,7 +25,7 @@ module API # Until CSRF protection is added to the API, disallow this method for # state-changing endpoints def find_user_from_warden - warden.try(:authenticate) if request.get? || request.head? + warden.try(:authenticate) if %w[GET HEAD].include?(env['REQUEST_METHOD']) end def find_user_by_private_token |