diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 14:59:07 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 14:59:07 +0300 |
commit | 8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca (patch) | |
tree | 544930fb309b30317ae9797a9683768705d664c4 /lib/gitlab/request_forgery_protection.rb | |
parent | 4b1de649d0168371549608993deac953eb692019 (diff) |
Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42
Diffstat (limited to 'lib/gitlab/request_forgery_protection.rb')
-rw-r--r-- | lib/gitlab/request_forgery_protection.rb | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/lib/gitlab/request_forgery_protection.rb b/lib/gitlab/request_forgery_protection.rb index b1e478093d3..79562a8223b 100644 --- a/lib/gitlab/request_forgery_protection.rb +++ b/lib/gitlab/request_forgery_protection.rb @@ -9,14 +9,6 @@ module Gitlab class Controller < ActionController::Base protect_from_forgery with: :exception, prepend: true - rescue_from ActionController::InvalidAuthenticityToken do |e| - logger.warn "This CSRF token verification failure is handled internally by `GitLab::RequestForgeryProtection`" - logger.warn "Unlike the logs may suggest, this does not result in an actual 422 response to the user" - logger.warn "For API requests, the only effect is that `current_user` will be `nil` for the duration of the request" - - raise e - end - def index head :ok end |