Remove CSRF protection from Gitlab hook action

Since it's a remote request there's no CSRF token to be sent, so don't require one.

Remove CSRF protection from Gitlab hook action
Since it's a remote request there's no CSRF token to be sent, so don't require one.
Daniel
1 parent b7fd71c2
Showing 1 changed file with 3 additions and 0 deletions Show diff stats
app/controllers/repositories_controller.rb
@@ -7,6 +7,9 @@ class RepositoriesController &lt; ApplicationController
   before_action :set_repository, only: [:show, :edit, :update, :destroy, :state, :state_with_date, :process_repository]
   before_action :set_project_id_repository_types_and_configurations, only: [:new, :edit]
  
+  # Gitlab can't send a CSRF token, don't require one
+  skip_before_action :verify_authenticity_token, :only => [:notify_push]
+
   def index
     @repositories = Repository.all
   end
...	...	@@ -7,6 +7,9 @@ class RepositoriesController < ApplicationController
7	7	before_action :set_repository, only: [:show, :edit, :update, :destroy, :state, :state_with_date, :process_repository]
8	8	before_action :set_project_id_repository_types_and_configurations, only: [:new, :edit]
9	9
	10	+ # Gitlab can't send a CSRF token, don't require one
	11	+ skip_before_action :verify_authenticity_token, :only => [:notify_push]
	12	+
10	13	def index
11	14	@repositories = Repository.all
12	15	end
...	...