diff options
| author | Douwe Maan <douwe@selenight.nl> | 2017-07-26 11:25:10 +0200 |
|---|---|---|
| committer | Douwe Maan <douwe@selenight.nl> | 2017-07-26 11:25:10 +0200 |
| commit | dcf4a2e83c69d1be0915f9c4c4f023abee2e7dea (patch) | |
| tree | 540001cadb67cebea9afacbc9c61f3dd8911e835 /lib/api | |
| parent | 5a1f3df3b82361b613dbf718c4f7af26332297a1 (diff) | |
| download | gitlab-ce-dcf4a2e83c69d1be0915f9c4c4f023abee2e7dea.tar.gz | |
Rescue only from ActionController::InvalidAuthenticityToken
Diffstat (limited to 'lib/api')
| -rw-r--r-- | lib/api/helpers.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 9a589828221..234825480f2 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -336,9 +336,9 @@ module API env['warden'] end - # Check if CSRF tokens are valid. + # Check if the request is GET/HEAD, or if CSRF token is valid. def verified_request? - Gitlab::RequestForgeryProtection.call(env) rescue false + Gitlab::RequestForgeryProtection.verified?(env) end # Check the Rails session for valid authentication details |