From 73faa79a69cbb86b5629a247c2e51313cdbd83c6 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Wed, 24 Sep 2014 15:53:39 -0400 Subject: [PATCH] fix edit page csrf, category slug optional --- src/routes/index.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/routes/index.js b/src/routes/index.js index 6085ab6666..78d89406ce 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -55,7 +55,7 @@ function categoryRoutes(app, middleware, controllers) { app.get('/api/unread/total', middleware.authenticate, controllers.categories.unreadTotal); setupPageRoute(app, '/category/:category_id/:slug/:topic_index', middleware, [middleware.applyCSRF, middleware.checkTopicIndex], controllers.categories.get); - setupPageRoute(app, '/category/:category_id/:slug', middleware, [middleware.applyCSRF, middleware.addSlug], controllers.categories.get); + setupPageRoute(app, '/category/:category_id/:slug?', middleware, [middleware.applyCSRF, middleware.addSlug], controllers.categories.get); } function accountRoutes(app, middleware, controllers) { @@ -69,7 +69,7 @@ function accountRoutes(app, middleware, controllers) { setupPageRoute(app, '/user/:userslug/topics', middleware, middlewares, controllers.accounts.getTopics); setupPageRoute(app, '/user/:userslug/favourites', middleware, accountMiddlewares, controllers.accounts.getFavourites); - setupPageRoute(app, '/user/:userslug/edit', middleware, accountMiddlewares, controllers.accounts.accountEdit); + setupPageRoute(app, '/user/:userslug/edit', middleware, [middleware.applyCSRF].concat(accountMiddlewares), controllers.accounts.accountEdit); setupPageRoute(app, '/user/:userslug/settings', middleware, accountMiddlewares, controllers.accounts.accountSettings); setupPageRoute(app, '/notifications', middleware, [middleware.authenticate], controllers.accounts.getNotifications);