diff options
Diffstat (limited to 'lib/gitlab/request_forgery_protection.rb')
-rw-r--r-- | lib/gitlab/request_forgery_protection.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/gitlab/request_forgery_protection.rb b/lib/gitlab/request_forgery_protection.rb index 79562a8223b..a84a6ac2d14 100644 --- a/lib/gitlab/request_forgery_protection.rb +++ b/lib/gitlab/request_forgery_protection.rb @@ -23,7 +23,9 @@ module Gitlab end def self.verified?(env) - call(env) + minimal_env = env.slice('REQUEST_METHOD', 'rack.session', 'HTTP_X_CSRF_TOKEN') + .merge('rack.input' => '') + call(minimal_env) true rescue ActionController::InvalidAuthenticityToken |