Remove ability to revoke active session

Session ID is used as a parameter for the revoke session endpoint but it should never be included in the HTML as an attacker could obtain it via XSS.
author: Imre Farkas <ifarkas@gitlab.com> 2019-02-25 14:52:40 +0100
committer: Imre Farkas <ifarkas@gitlab.com> 2019-02-27 11:45:27 +0100
commit: 038d530565bc64729706bbd9afad275699be459d (patch)
tree: 7cb6741e2490a943a8e3dc1e61011bc7e56385ae /doc/user/profile/active_sessions.md
parent: 44c4aad983570ea1832aa08c39f46dbc1b475fd3 (diff)
download: gitlab-ce-038d530565bc64729706bbd9afad275699be459d.tar.gz
1 files changed, 1 insertions, 7 deletions
diff --git a/doc/user/profile/active_sessions.md b/doc/user/profile/active_sessions.md
index 5119c0e30d0..28e3f4904a9 100644
--- a/doc/user/profile/active_sessions.md
+++ b/doc/user/profile/active_sessions.md
@@ -4,7 +4,7 @@
 >   in GitLab 10.8.
 
 GitLab lists all devices that have logged into your account. This allows you to
-review the sessions and revoke any of it that you don't recognize.
+review the sessions.
 
 ## Listing all active sessions
 
@@ -12,9 +12,3 @@ review the sessions and revoke any of it that you don't recognize.
 1. Navigate to the **Active Sessions** tab.
 
 ![Active sessions list](img/active_sessions_list.png)
-
-## Revoking a session
-
-1. Navigate to your [profile's](#profile-settings) **Settings > Active Sessions**.
-1. Click on **Revoke** besides a session. The current session cannot be
-   revoked, as this would sign you out of GitLab.
author	Imre Farkas <ifarkas@gitlab.com>	2019-02-25 14:52:40 +0100
committer	Imre Farkas <ifarkas@gitlab.com>	2019-02-27 11:45:27 +0100
commit	038d530565bc64729706bbd9afad275699be459d (patch)
tree	7cb6741e2490a943a8e3dc1e61011bc7e56385ae /doc/user/profile/active_sessions.md
parent	44c4aad983570ea1832aa08c39f46dbc1b475fd3 (diff)
download	gitlab-ce-038d530565bc64729706bbd9afad275699be459d.tar.gz