Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorRémy Coutable <remy@rymai.me>2019-02-05 20:13:28 +0300
committerRémy Coutable <remy@rymai.me>2019-02-05 20:13:28 +0300
commit8b02d58edeab14cfce9af5fdf8bbd9defe7e0c4b (patch)
tree21e18d6ea6a5821dd5807882bcb054e948ce6f94 /app
parent22caeb58a49a7ed2ccef7e5191e5a8c3f9ff7d10 (diff)
parent6548e01f18c24ec8703bb85557d7509dbeace013 (diff)
Merge branch 'jej/avoid-csrf-check-on-saml-failure' into 'master'
Skip CSRF check on SAML failure endpoint Closes #56574 See merge request gitlab-org/gitlab-ce!24509
Diffstat (limited to 'app')
-rw-r--r--app/controllers/omniauth_callbacks_controller.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index f8e482937d5..97120273d6b 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -4,7 +4,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
include AuthenticatesWithTwoFactor
include Devise::Controllers::Rememberable
- protect_from_forgery except: [:kerberos, :saml, :cas3], prepend: true
+ protect_from_forgery except: [:kerberos, :saml, :cas3, :failure], with: :exception, prepend: true
def handle_omniauth
omniauth_flow(Gitlab::Auth::OAuth)
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 13:59:18 +0300