kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/spec/controllers
History
Bob Van Landuyt b623932eb3 Allow GraphQL requests without CSRF token 
With this we allow authentication using a session or using personal
access token.

Authentication using a session, and CSRF token makes it easy to play
with GraphQL from the Graphiql endpoint we expose.

But we cannot enforce CSRF validity, otherwise authentication for
regular API clients would fail when they use personal access tokens to
authenticate.
 		2019-03-06 15:38:00 +01:00
..
admin Show header and footer system messages in email 2019-02-27 22:07:50 +02:00
boards Enable the Layout/ExtraSpacing cop 2019-01-24 13:05:45 +01:00
concerns Bump fog-aws to 3.3.0 and associated dependencies 2019-02-28 22:51:03 -08:00
dashboard Merge branch 'security-2773-milestones-fix' into 'master' 2019-03-04 18:37:15 +00:00
explore Update specs to rails5 format 2018-12-19 10:04:31 +11:00
google_api Validate session key when authorizing with GCP to create a cluster 2019-02-19 17:21:08 +11:00
groups Change policy regarding group visibility 2019-02-20 11:08:13 +01:00
import Improve the GitHub and Gitea import feature table interface 2019-02-13 00:15:57 +00:00
instance_statistics Resolve "Remove usage ping payload from Cohorts, add to Settings" 2018-09-06 12:43:14 +00:00
ldap Update specs to rails5 format 2018-12-19 10:04:31 +11:00
oauth Update specs to rails5 format 2018-12-19 10:04:31 +11:00
profiles Move language setting to preferences 2019-02-20 22:58:53 +00:00
projects Merge dev master into GitLab.com master 2019-03-04 19:44:46 +01:00
snippets Update specs to rails5 format 2018-12-19 10:04:31 +11:00
users Update specs to rails5 format 2018-12-19 10:04:31 +11:00
abuse_reports_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
application_controller_spec.rb Fix ETag caching not being used for AJAX requests 2019-02-26 12:54:31 +01:00
autocomplete_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
dashboard_controller_spec.rb Merge branch 'security-fix-pat-web-access' into 'master' 2018-11-28 19:13:59 -05:00
groups_controller_spec.rb Always use CTE for IssuableFinder counts 2019-02-28 11:25:57 -06:00
health_check_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
health_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
help_controller_spec.rb Fix broken links on help page 2019-02-11 23:41:58 +01:00
invites_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
metrics_controller_spec.rb Remove healthchecks from prometheus endpoint 2018-07-12 17:37:51 +00:00
notification_settings_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
omniauth_callbacks_controller_spec.rb Merge branch 'ce-security-jej/group-saml-link-origin-verification' into 'master' 2019-03-04 18:36:26 +00:00
passwords_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
profiles_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
projects_controller_spec.rb Enable the Layout/ExtraSpacing cop 2019-01-24 13:05:45 +01:00
registrations_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
root_controller_spec.rb Fix tests 2018-11-13 15:27:42 +08:00
search_controller_spec.rb Enable the Layout/ExtraSpacing cop 2019-01-24 13:05:45 +01:00
sent_notifications_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
sessions_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
snippets_controller_spec.rb Check snippet attached file to be moved is within designated directory 2019-02-21 16:44:44 +08:00
uploads_controller_spec.rb Enable the Layout/ExtraSpacing cop 2019-01-24 13:05:45 +01:00
user_callouts_controller_spec.rb Update specs to rails5 format 2018-12-19 10:04:31 +11:00
users_controller_spec.rb Eliminate most N+1 queries loading UserController#calendar_activities 2019-03-01 10:57:09 -08:00