• Rémy Coutable's avatar
    Merge branch '18302-use-rails-cookie-in-api' into 'master' · 8ddfeec8
    Rémy Coutable authored
    Allow the Rails cookie to be used for API authentication
    
    Makes the Rails cookie into a valid authentication token for the Grape
    API, and uses it instead of token authentication in frontend code that
    uses the API.
    
    Rendering the private token into client-side javascript is a security
    risk; it may be stolen through XSS or other attacks. In general,
    re-using API code in the frontend is more desirable than implementing
    endless actions that return JSON.
    
    Closes #18302
    
    See merge request !1995
    Signed-off-by: 's avatarRémy Coutable <remy@rymai.me>
    8ddfeec8
Name
Last commit
Last update
..
administration Loading commit data...
api Loading commit data...
ci Loading commit data...
container_registry Loading commit data...
customization Loading commit data...
development Loading commit data...
downgrade_ee_to_ce Loading commit data...
gitlab-basics Loading commit data...
hooks Loading commit data...
incoming_email Loading commit data...
install Loading commit data...
integration Loading commit data...
intro Loading commit data...
legal Loading commit data...
logs Loading commit data...
markdown Loading commit data...
migrate_ci_to_ce Loading commit data...
monitoring Loading commit data...
operations Loading commit data...
permissions Loading commit data...
profile Loading commit data...
project_services Loading commit data...
public_access Loading commit data...
raketasks Loading commit data...
security Loading commit data...
ssh Loading commit data...
system_hooks Loading commit data...
update Loading commit data...
user Loading commit data...
web_hooks Loading commit data...
workflow Loading commit data...
README.md Loading commit data...