diff options
author | Douwe Maan <douwe@gitlab.com> | 2015-04-24 17:03:18 +0200 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2015-04-24 17:03:18 +0200 |
commit | 571ba5a7feb870b7aa711d5a6fc6d4d53d92a4c5 (patch) | |
tree | 817cd5b54a81a1a229be4b42e7643ad90f5040e1 /app/views/profiles/accounts | |
parent | 62117f2f25646009fb5b20d7a215d7d697ce3231 (diff) | |
download | gitlab-ce-571ba5a7feb870b7aa711d5a6fc6d4d53d92a4c5.tar.gz |
Protect OmniAuth request phase against CSRF.
Diffstat (limited to 'app/views/profiles/accounts')
-rw-r--r-- | app/views/profiles/accounts/show.html.haml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml index 5bffb4acc1d..7cc6008e48e 100644 --- a/app/views/profiles/accounts/show.html.haml +++ b/app/views/profiles/accounts/show.html.haml @@ -34,7 +34,7 @@ - enabled_social_providers.each do |provider| .btn-group = link_to oauth_image_tag(provider), omniauth_authorize_path(User, provider), - class: "btn btn-lg #{'active' if oauth_active?(provider)}" + method: :post, class: "btn btn-lg #{'active' if oauth_active?(provider)}" - if oauth_active?(provider) = link_to unlink_profile_account_path(provider: provider), method: :delete, class: 'btn btn-lg' do %i.fa.fa-close |