BigW Consortium Gitlab

Commit d020eabf by Douwe Maan

Add log messages to clarify log messages about API CSRF token verification failure

parent 4d05e853
......@@ -7,6 +7,14 @@ module Gitlab
class Controller < ActionController::Base
protect_from_forgery with: :exception
rescue_from ActionController::InvalidAuthenticityToken do |e|
logger.warn "This CSRF token verification failure is handled internally by `GitLab::RequestForgeryProtection`"
logger.warn "Unlike the logs may suggest, this does not result in an actual 422 response to the user"
logger.warn "For API requests, the only effect is that `current_user` will be `nil` for the duration of the request"
raise e
end
def index
head :ok
end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment