Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorDouwe Maan <douwe@gitlab.com>2016-09-28 17:44:11 +0300
committerDouwe Maan <douwe@gitlab.com>2016-09-28 17:44:11 +0300
commita4cddd81f1b4bd56ca99b49ce947a5e381322125 (patch)
treeb23ff985661ca4f745c801d2f3e901422297b75e /app/controllers
parent8e887c7efc8bd2a4fb4b1fb881c9d30b05023932 (diff)
parentaf5e54f9ce4f491ccf605c7c74c137785da743a4 (diff)
Merge branch '22435-no-api-state-change-via-rails-session' into 'security'
API: disable rails session auth for non-GET/HEAD requests Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22435 See merge request !1999
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/projects/labels_controller.rb10
1 files changed, 8 insertions, 2 deletions
diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb
index 28fa4a5b141..a6626df4826 100644
--- a/app/controllers/projects/labels_controller.rb
+++ b/app/controllers/projects/labels_controller.rb
@@ -30,9 +30,15 @@ class Projects::LabelsController < Projects::ApplicationController
@label = @project.labels.create(label_params)
if @label.valid?
- redirect_to namespace_project_labels_path(@project.namespace, @project)
+ respond_to do |format|
+ format.html { redirect_to namespace_project_labels_path(@project.namespace, @project) }
+ format.json { render json: @label }
+ end
else
- render 'new'
+ respond_to do |format|
+ format.html { render 'new' }
+ format.json { render json: { message: @label.errors.messages }, status: 400 }
+ end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-19 21:01:26 +0300