Commit 8c52d47d authored by Sean McGivern's avatar Sean McGivern

Exclude dummy CSRF controller from logs

Gitlab::RequestForgeryProtection::Controller#index is not actually
user-reachable; we use it as a way of testing whether a request contains
a valid CSRF token.

However, because we put a request through this controller, it gets
logged. That means we get confusing log entries for this controller and
API paths, which are duplicated - they have the same request ID as the
'actual' request.
parent be8cb784
......@@ -15,6 +15,10 @@ unless Gitlab::Runtime.sidekiq?
data
end
# This isn't a user-reachable controller; we use it to check for a
# valid CSRF token in the API
config.lograge.ignore_actions = ['Gitlab::RequestForgeryProtection::Controller#index']
# Add request parameters to log output
config.lograge.custom_options = lambda do |event|
params = event.payload[:params]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment