diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2020-11-28 05:17:53 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-11-28 05:17:53 +0100 |
commit | 13b07b88f1aa79c31291473362ac77b31602c374 (patch) | |
tree | 34b7fe8aeaa444d662f835efd10096f80821106b /app/views/auth | |
parent | 13206fcfb86844ba4a0c872eaf8c11a61ea848df (diff) |
Fix omniauth (SAML/CAS) sign-in routes not having CSRF protection (#15228)
Diffstat (limited to 'app/views/auth')
-rw-r--r-- | app/views/auth/sessions/new.html.haml | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/app/views/auth/sessions/new.html.haml b/app/views/auth/sessions/new.html.haml index ceb169408..9713bdaeb 100644 --- a/app/views/auth/sessions/new.html.haml +++ b/app/views/auth/sessions/new.html.haml @@ -22,7 +22,6 @@ .actions - resource_class.omniauth_providers.each do |provider| - = link_to omniauth_authorize_path(resource_name, provider), class: "button button-#{provider}" do - = t("auth.providers.#{provider}", default: provider.to_s.chomp("_oauth2").capitalize) + = link_to t("auth.providers.#{provider}", default: provider.to_s.chomp("_oauth2").capitalize), omniauth_authorize_path(resource_name, provider), class: "button button-#{provider}", method: :post .form-footer= render 'auth/shared/links' |