Merge pull request #127 from SuperTux88/csrf-protection

Disable forgery protection for ReceiveController

app/controllers/diaspora_federation/receive_controller.rb

@@ -5,6 +5,8 @@
 module DiasporaFederation
   # This controller processes receiving messages.
   class ReceiveController < ApplicationController
+    skip_forgery_protection
+
     # Receives public messages
     #
     # POST /receive/public

spec/spec_helper.rb

@@ -50,7 +50,11 @@
     expect_config.syntax = :expect
   end
 
-  unless defined?(::Rails)
+  if defined?(::Rails)
+    config.before(:each, type: :controller) do
+      ActionController::Base.allow_forgery_protection = true
+    end
+  else
     config.exclude_pattern = "**/controllers/**/*_spec.rb, **/routing/**/*_spec.rb"
     config.filter_run_excluding rails: true
   end