diff options
-rw-r--r-- | config/initializers/omniauth.rb | 2 | ||||
-rw-r--r-- | lib/api/helpers.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/request_forgery_protection.rb | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index 24ff3b924b5..a36e59c941a 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -16,7 +16,7 @@ OmniAuth.config.allowed_request_methods = [:post] # In case of auto sign-in, the GET method is used (users don't get to click on a button) OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present? OmniAuth.config.before_request_phase do |env| - GitLab::RequestForgeryProtection.call(env) + Gitlab::RequestForgeryProtection.call(env) end if Gitlab.config.omniauth.enabled diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index b81ce75ef4f..9a589828221 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -338,7 +338,7 @@ module API # Check if CSRF tokens are valid. def verified_request? - GitLab::RequestForgeryProtection.call(env) + Gitlab::RequestForgeryProtection.call(env) rescue false end # Check the Rails session for valid authentication details diff --git a/lib/gitlab/request_forgery_protection.rb b/lib/gitlab/request_forgery_protection.rb index 071a72a1f8b..b0e15e2b655 100644 --- a/lib/gitlab/request_forgery_protection.rb +++ b/lib/gitlab/request_forgery_protection.rb @@ -2,7 +2,7 @@ # It's used in API helpers and OmniAuth. # Usage: GitLab::RequestForgeryProtection.call(env) -module GitLab +module Gitlab module RequestForgeryProtection class Controller < ActionController::Base protect_from_forgery with: :exception |