From 43608dfb83d5f4ea237d112d0a5e899d255ffa3d Mon Sep 17 00:00:00 2001 From: Daniel Gerhardt Date: Mon, 15 Jun 2015 12:50:33 +0200 Subject: [PATCH] Adjust 'Sign in' button for GitLab's CSRF protection GitLab introduced CSRF protection for authentication requests in 571ba5a7feb870b7aa711d5a6fc6d4d53d92a4c5. The 'Sign in' button has been adjusted to send a POST request. --- app/views/layouts/header/_public.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/layouts/header/_public.html.haml b/app/views/layouts/header/_public.html.haml index bc8f11e37b9..ec2cd720643 100644 --- a/app/views/layouts/header/_public.html.haml +++ b/app/views/layouts/header/_public.html.haml @@ -8,7 +8,7 @@ .header-content - unless current_controller?('sessions') .pull-right - = link_to "Sign in", user_omniauth_authorize_path(:cas), class: 'btn btn-sign-in btn-success btn-sm' + = link_to "Sign in", user_omniauth_authorize_path(:cas), method: :post, class: 'btn btn-sign-in btn-success btn-sm' %h1.title= title -- GitLab