Skip to content

Commit

Permalink
Merged in r2-3031-idp-csrf (pull request #6939)
Browse files Browse the repository at this point in the history 
R2-3031: Adding prepend option to protect_from_forgery to fix csrf error when using idp
  • Loading branch information
@jtoliver-quoin @pnabutovsky
jtoliver-quoin authored and pnabutovsky committed Sep 27, 2024
2 parents 63cb058 + c6c6699 commit 24d8f88
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion app/controllers/application_api_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ class ApplicationApiController < ActionController::API
before_action :check_config_update_lock!
before_action :set_csrf_cookie, unless: -> { request_from_basic_auth? }

protect_from_forgery with: :exception, if: -> { use_csrf_protection? }
protect_from_forgery with: :exception, prepend: true, if: -> { use_csrf_protection? }

class << self
attr_accessor :model_class
Expand Down

0 comments on commit 24d8f88

Please sign in to comment.