From 43608dfb83d5f4ea237d112d0a5e899d255ffa3d Mon Sep 17 00:00:00 2001
From: Daniel Gerhardt <code@dgerhardt.net>
Date: Mon, 15 Jun 2015 12:50:33 +0200
Subject: [PATCH] Adjust 'Sign in' button for GitLab's CSRF protection

GitLab introduced CSRF protection for authentication requests in
571ba5a7feb870b7aa711d5a6fc6d4d53d92a4c5. The 'Sign in' button has been
adjusted to send a POST request.
---
 app/views/layouts/header/_public.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/layouts/header/_public.html.haml b/app/views/layouts/header/_public.html.haml
index bc8f11e37b9..ec2cd720643 100644
--- a/app/views/layouts/header/_public.html.haml
+++ b/app/views/layouts/header/_public.html.haml
@@ -8,7 +8,7 @@
     .header-content
       - unless current_controller?('sessions')
         .pull-right
-          = link_to "Sign in", user_omniauth_authorize_path(:cas), class: 'btn btn-sign-in btn-success btn-sm'
+          = link_to "Sign in", user_omniauth_authorize_path(:cas), method: :post, class: 'btn btn-sign-in btn-success btn-sm'
 
       %h1.title= title
 
-- 
GitLab