Commit 1522f7fa authored by Douglas Barbosa Alexandre's avatar Douglas Barbosa Alexandre

Merge branch 'remove-logging-for-request-forgery-protection' into 'master'

Remove logging for Gitlab::RequestForgeryProtection::Controller

See merge request gitlab-org/gitlab!48466
parents 3274b67d 540c2cdd
...@@ -9,14 +9,6 @@ module Gitlab ...@@ -9,14 +9,6 @@ module Gitlab
class Controller < ActionController::Base class Controller < ActionController::Base
protect_from_forgery with: :exception, prepend: true protect_from_forgery with: :exception, prepend: true
rescue_from ActionController::InvalidAuthenticityToken do |e|
logger.warn "This CSRF token verification failure is handled internally by `GitLab::RequestForgeryProtection`"
logger.warn "Unlike the logs may suggest, this does not result in an actual 422 response to the user"
logger.warn "For API requests, the only effect is that `current_user` will be `nil` for the duration of the request"
raise e
end
def index def index
head :ok head :ok
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment