0e3717eb2d
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token. |
||
---|---|---|
.. | ||
v1 | ||
v2 | ||
web | ||
base_controller.rb | ||
oembed_controller.rb |