Resolve "Add CSRF token verification to API" (!12154) · Merge requests · GitLab.org / GitLab FOSS

username-removed-86853 requested to merge 33601-add-csrf-token-verification-to-api into master Jun 14, 2017

What does this MR do?

This MR adds a verification of CSRF tokens to API helpers.

Why was this MR needed?

It allows the frontend use API endpoints which require PRIVATE-TOKEN header to be set.
Instead of PRIVATE-TOKEN frontenders can use X-CSRF-TOKEN header instead.

Does this MR meet the acceptance criteria?

Changelog entry added, if necessary
Documentation created/updated
API support added
Tests
- Added for this feature/bug
- All builds are passing
Conform by the merge request performance guides
Conform by the style guides
Branch has no merge conflicts with master (if it does - rebase it please)
Squashed related commits together

What are the relevant issue numbers?

Closes #33601 (closed)

Edited Jun 16, 2017 by username-removed-86853

Admin message

Admin message

Resolve "Add CSRF token verification to API"

What does this MR do?

Why was this MR needed?

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Merge request reports