Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access (#19803)
New environment variable `DISALLOW_UNAUTHENTICATED_API_ACCESS`gh/stable
parent
d0c9ac3919
commit
3a41fccc43
|
@ -133,7 +133,7 @@ class Api::BaseController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def disallow_unauthenticated_api_access?
|
def disallow_unauthenticated_api_access?
|
||||||
authorized_fetch_mode?
|
ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.whitelist_mode
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
Reference in New Issue