diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-21 18:09:05 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-21 18:09:05 +0300 |
| commit | cf6a3e7ed4cb10a3e9fcbda810601387afc8b8d6 (patch) | |
| tree | bda3707e95a53cb225793fded61d5073950b0b68 /app/controllers/sessions_controller.rb | |
| parent | 2a040e2655fe0a99df61ad0a7bd0c27e68af0c38 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/sessions_controller.rb')
| -rw-r--r-- | app/controllers/sessions_controller.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index c29e9d3843b..e2dd2d77a30 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -39,7 +39,7 @@ class SessionsController < Devise::SessionsController # would cause the CSRF token to be cleared and then # RequestForgeryProtection#verify_authenticity_token would fail because of # token mismatch. - protect_from_forgery with: :exception, prepend: true + protect_from_forgery with: :exception, prepend: true, except: :destroy CAPTCHA_HEADER = 'X-GitLab-Show-Login-Captcha' MAX_FAILED_LOGIN_ATTEMPTS = 5 |