diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2020-11-28 05:17:53 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-11-28 05:17:53 +0100 |
commit | 13b07b88f1aa79c31291473362ac77b31602c374 (patch) | |
tree | 34b7fe8aeaa444d662f835efd10096f80821106b /Gemfile.lock | |
parent | 13206fcfb86844ba4a0c872eaf8c11a61ea848df (diff) |
Fix omniauth (SAML/CAS) sign-in routes not having CSRF protection (#15228)
Diffstat (limited to 'Gemfile.lock')
-rw-r--r-- | Gemfile.lock | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Gemfile.lock b/Gemfile.lock index b8134a985..f7192d084 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -375,6 +375,9 @@ GEM addressable (~> 2.3) nokogiri (~> 1.5) omniauth (~> 1.2) + omniauth-rails_csrf_protection (0.1.2) + actionpack (>= 4.2) + omniauth (>= 1.3.1) omniauth-saml (1.10.3) omniauth (~> 1.3, >= 1.3.2) ruby-saml (~> 1.9) @@ -741,6 +744,7 @@ DEPENDENCIES oj (~> 3.10) omniauth (~> 1.9) omniauth-cas (~> 2.0) + omniauth-rails_csrf_protection (~> 0.1) omniauth-saml (~> 1.10) ox (~> 2.13) paperclip (~> 6.0) |