Skip to content

Commit

Permalink
Merge pull request #4901 from mzazrivec/reset_session_on_failed_csrf_…
Browse files Browse the repository at this point in the history 
…verification

Reset session on failed CSRF token verification
  • Loading branch information
@martinpovolny
martinpovolny committed Nov 12, 2018
2 parents 7acb64d + 6e1f59c commit 3cc5463
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion app/controllers/application_controller.rb
View file
Expand Up @@ -19,7 +19,7 @@ class ApplicationController < ActionController::Base
# web service worker processes.
protect_from_forgery(:secret => SecureRandom.hex(64),
:except => %i(authenticate external_authenticate kerberos_authenticate saml_login initiate_saml_login oidc_login initiate_oidc_login csp_report),
:with => :exception)
:with => :reset_session)

end

Expand Down

0 comments on commit 3cc5463

Please sign in to comment.