diff options
| author | Imre Farkas <ifarkas@gitlab.com> | 2019-02-25 14:52:40 +0100 |
|---|---|---|
| committer | Imre Farkas <ifarkas@gitlab.com> | 2019-02-27 11:45:27 +0100 |
| commit | 038d530565bc64729706bbd9afad275699be459d (patch) | |
| tree | 7cb6741e2490a943a8e3dc1e61011bc7e56385ae /spec/features/projects/blobs/edit_spec.rb | |
| parent | 44c4aad983570ea1832aa08c39f46dbc1b475fd3 (diff) | |
| download | gitlab-ce-038d530565bc64729706bbd9afad275699be459d.tar.gz | |
Remove ability to revoke active session
Session ID is used as a parameter for the revoke session endpoint but it
should never be included in the HTML as an attacker could obtain it via
XSS.
Diffstat (limited to 'spec/features/projects/blobs/edit_spec.rb')
0 files changed, 0 insertions, 0 deletions