From 9b7b27ce7216652493648228f2352d1d08836549 Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Thu, 12 Dec 2013 19:05:21 +0200
Subject: [PATCH] Add  authenticity_token: true to multipart forms

Rails 4 does not generate token by default
It fixes bug when you get to sign-in page after trying to upload image
with comment

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
---
 app/views/profiles/show.html.haml        | 2 +-
 app/views/projects/notes/_form.html.haml | 2 +-
 app/views/projects/walls/show.html.haml  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/views/profiles/show.html.haml b/app/views/profiles/show.html.haml
index 307109ea9c5..ca3f8247223 100644
--- a/app/views/profiles/show.html.haml
+++ b/app/views/profiles/show.html.haml
@@ -8,7 +8,7 @@
 
 
 
-= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" }  do |f|
+= form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit_user form-horizontal" }, authenticity_token: true do |f|
   -if @user.errors.any?
     %div.alert.alert-error
       %ul
diff --git a/app/views/projects/notes/_form.html.haml b/app/views/projects/notes/_form.html.haml
index a742140cf5a..3ef6ed535e0 100644
--- a/app/views/projects/notes/_form.html.haml
+++ b/app/views/projects/notes/_form.html.haml
@@ -1,4 +1,4 @@
-= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" } do |f|
+= form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note js-new-note-form common-note-form" }, authenticity_token: true do |f|
 
   = note_target_fields
   = f.hidden_field :commit_id
diff --git a/app/views/projects/walls/show.html.haml b/app/views/projects/walls/show.html.haml
index 88aecee0815..4fe3e6bccf4 100644
--- a/app/views/projects/walls/show.html.haml
+++ b/app/views/projects/walls/show.html.haml
@@ -3,7 +3,7 @@
 
   - if can? current_user, :write_note, @project
     .note-form-holder
-      = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" } do |f|
+      = form_for [@project, @note], remote: true, html: { multipart: true, id: nil, class: "new_note wall-note-form" }, authenticity_token: true do |f|
         = note_target_fields
         .note_text_and_preview
           = f.text_area :note, size: 255, class: 'note_text js-note-text js-gfm-input turn-on'
-- 
GitLab