# HG changeset patch
# User Edho Arief <edho@myconan.net>
# Date 1353941563 -25200
# Node ID 88f957e0352b69eaf0ebe501e80d86b8872b25a7
# Parent  f5614a89ce49467cf31e736d9aa9d91bd0d493a2
No need for csrf protection

Because there's no cookies/session to be protected.

diff -r f5614a89ce49 -r 88f957e0352b app/views/layouts/application.html.erb
--- a/app/views/layouts/application.html.erb	Mon Nov 26 21:51:20 2012 +0700
+++ b/app/views/layouts/application.html.erb	Mon Nov 26 21:52:43 2012 +0700
@@ -5,9 +5,6 @@
     <title><%= html_title %></title>
     <%= stylesheet_link_tag    "application", :media => "all" %>
     <%= javascript_include_tag "application" %>
-    <% unless @skip_csrf %>
-      <%= csrf_meta_tags %>
-    <% end %>
   </head>
   <body>
 
diff -r f5614a89ce49 -r 88f957e0352b app/views/pastes/show.html.erb
--- a/app/views/pastes/show.html.erb	Mon Nov 26 21:51:20 2012 +0700
+++ b/app/views/pastes/show.html.erb	Mon Nov 26 21:52:43 2012 +0700
@@ -1,5 +1,4 @@
 <% provide :title, "Paste ##{@paste.id}" %>
-<% @skip_csrf = true %>
 <div class="page-header">
   <h1><%= content_for :title %></h1>
 </div>