In the Rails 4.2 branch I am preparing to merge to develop, I needed to add a line to the sessions controller for skipping the CSRF check on logout because this was not previously checked by the Devise gem. As soon as all the extensions have an updated version of privly-applications, or 3 months (whichever is sooner), the line found below should be removed and the updated code deployed.
skip_before_filter :verify_authenticity_token , :only => [:destroy]
In the Rails 4.2 branch I am preparing to merge to develop, I needed to add a line to the sessions controller for skipping the CSRF check on logout because this was not previously checked by the Devise gem. As soon as all the extensions have an updated version of privly-applications, or 3 months (whichever is sooner), the line found below should be removed and the updated code deployed.
skip_before_filter :verify_authenticity_token , :only => [:destroy]