Add latest changes from gitlab-org/security/gitlab@13-4-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-01 01:02:13 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-01 01:02:13 +0300
commit: 516fba52cf280b9d5bad08dce9f0150f859b6cea (patch)
tree: 4dad71be856651af62c9a281b01087ae15480810 /app/controllers/profiles
parent: c90be62bdefdb6bb67c73a9c4a6d164c9f78a28d (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/profiles/active_sessions_controller.rb b/app/controllers/profiles/active_sessions_controller.rb
index d9ec3195fd1..e4cd5d65e1a 100644
--- a/app/controllers/profiles/active_sessions_controller.rb
+++ b/app/controllers/profiles/active_sessions_controller.rb
@@ -6,7 +6,9 @@ class Profiles::ActiveSessionsController < Profiles::ApplicationController
   end
 
   def destroy
-    ActiveSession.destroy_with_public_id(current_user, params[:id])
+    # params[:id] can be either an Rack::Session::SessionId#private_id
+    # or an encrypted Rack::Session::SessionId#public_id
+    ActiveSession.destroy_with_deprecated_encryption(current_user, params[:id])
     current_user.forget_me!
 
     respond_to do |format|
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-01 01:02:13 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-01 01:02:13 +0300
commit	516fba52cf280b9d5bad08dce9f0150f859b6cea (patch)
tree	4dad71be856651af62c9a281b01087ae15480810 /app/controllers/profiles
parent	c90be62bdefdb6bb67c73a9c4a6d164c9f78a28d (diff)