From 674c45f1d94fae665a1cb14c39849e09017e9ba3 Mon Sep 17 00:00:00 2001
From: guange <8863824@gmail.com>
Date: Tue, 19 Jul 2016 17:44:27 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8E=BB=E6=8E=89=E4=B8=8A=E4=BC=A0=E7=9A=84cs?=
 =?UTF-8?q?rf=E6=8A=A5=E9=94=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/attachments_controller.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb
index a6b5f09cf..fa2c87f8c 100644
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -18,6 +18,8 @@
 class AttachmentsController < ApplicationController
   layout "users_base"
 
+  before_filter :verify_authenticity_token, only: [:uploa]
+
   before_filter :find_project, :only => [:show, :download, :thumbnail, :destroy, :delete_homework]#, :except => [:upload, :autocomplete]
   before_filter :file_readable, :read_authorize, :only => [:show, :thumbnail]#Modified by young
   before_filter :delete_authorize, :only => [:destroy]