Fix omniauth (SAML/CAS) sign-in routes not having CSRF protection (#15228)

2020-11-28 05:17:53 +01:00 · 2020-11-28 05:17:53 +01:00 · 13b07b88f1
commit 13b07b88f1
parent 13206fcfb8
3 changed files with 6 additions and 2 deletions
--- a/1
+++ b/1
@ -44,6 +44,7 @@ gem 'net-ldap', '~> 0.16'
 gem 'omniauth-cas', '~> 2.0'
 gem 'omniauth-saml', '~> 1.10'
 gem 'omniauth', '~> 1.9'
+gem 'omniauth-rails_csrf_protection', '~> 0.1'

 gem 'color_diff', '~> 0.1'
 gem 'discard', '~> 1.2'