Set dummy app forgery protection to false

This reverts a previous change setting dummy app forgery protection to true. Rails prefers testing to be performed with forgery protection set to false. This change will also allow for use of system specs in Solidus frontend.
solidusio · Jan 11, 2021 · 4ffd0d3 · 4ffd0d3
1 parent 7b15fbf
commit 4ffd0d3
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/core/lib/spree/testing_support/dummy_app.rb b/core/lib/spree/testing_support/dummy_app.rb
@@ -17,6 +17,7 @@
 
 # @private
 class ApplicationController < ActionController::Base
+  protect_from_forgery with: :exception
 end
 
 # @private
@@ -52,8 +53,8 @@ class Application < ::Rails::Application
     config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
     config.whiny_nils = true
     config.consider_all_requests_local = true
-    config.action_controller.allow_forgery_protection = true
-    config.action_controller.default_protect_from_forgery = true
+    config.action_controller.allow_forgery_protection = false
+    config.action_controller.default_protect_from_forgery = false
     config.action_controller.perform_caching = false
     config.action_dispatch.show_exceptions = false
     config.active_support.deprecation = :stderr