Module: Gitlab::RequestForgeryProtection
- Defined in:
- lib/gitlab/request_forgery_protection.rb
Defined Under Namespace
Classes: Controller
Class Method Summary collapse
Class Method Details
.app ⇒ Object
26 27 28 |
# File 'lib/gitlab/request_forgery_protection.rb', line 26 def self.app @app ||= Controller.action(:index) end |
.call(env) ⇒ Object
30 31 32 |
# File 'lib/gitlab/request_forgery_protection.rb', line 30 def self.call(env) app.call(env) end |
.verified?(env) ⇒ Boolean
34 35 36 37 38 39 40 41 42 |
# File 'lib/gitlab/request_forgery_protection.rb', line 34 def self.verified?(env) minimal_env = env.slice('REQUEST_METHOD', 'rack.session', 'HTTP_X_CSRF_TOKEN') .merge('rack.input' => '') call(minimal_env) true rescue ActionController::InvalidAuthenticityToken false end |