ab7f429a10
Spammers can bypass form_spam_protect plugin by using GET instead of POST. Fix this, by ensuring that unsafe operations are POSTs, rather than GETs. |
||
---|---|---|
.. | ||
admin_controller.rb | ||
application.rb | ||
cache_sweeping_helper.rb | ||
file_controller.rb | ||
revision_sweeper.rb | ||
web_sweeper.rb | ||
wiki_controller.rb |