diff options
| author | blackst0ne <blackst0ne.ru@gmail.com> | 2017-06-21 17:52:54 +1100 |
|---|---|---|
| committer | Douwe Maan <douwe@selenight.nl> | 2017-07-26 11:05:44 +0200 |
| commit | 8ce8b21f675709c884148d050663b9f2374cdc61 (patch) | |
| tree | 524480e042ce4ee835a59bec0f3089e401c94913 /config/initializers | |
| parent | 29022350999ab3ddc4518f7a7647939ec2de8e09 (diff) | |
| download | gitlab-ce-8ce8b21f675709c884148d050663b9f2374cdc61.tar.gz | |
Refactor CSRF protection
Diffstat (limited to 'config/initializers')
| -rw-r--r-- | config/initializers/omniauth.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index f7fa6d1c2de..24ff3b924b5 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -16,7 +16,7 @@ OmniAuth.config.allowed_request_methods = [:post] # In case of auto sign-in, the GET method is used (users don't get to click on a button) OmniAuth.config.allowed_request_methods << :get if Gitlab.config.omniauth.auto_sign_in_with_provider.present? OmniAuth.config.before_request_phase do |env| - OmniAuth::RequestForgeryProtection.call(env) + GitLab::RequestForgeryProtection.call(env) end if Gitlab.config.omniauth.enabled |