From 33e48661878b255a3dafd77186746c1489a727bc Mon Sep 17 00:00:00 2001
From: YoungHypo <haiboyang@smail.nju.edu.cn>
Date: Sat, 7 Dec 2024 12:57:54 -0800
Subject: [PATCH] set credentials to false in cors.rb

---
 app/controllers/application_controller.rb | 2 +-
 config/initializers/cors.rb               | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fc3ee31..e6f2944 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,5 +1,5 @@
 class ApplicationController < ActionController::Base
-  skip_forgery_protection
+  skip_before_action :verify_authenticity_token
   
   private
   
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
index 315c77c..0350ae8 100644
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@@ -6,6 +6,6 @@
     resource '*',
       headers: :any,
       methods: [:get, :post, :put, :patch, :delete, :options, :head],
-      credentials: true
+      credentials: false
   end
 end 
\ No newline at end of file