Exclude dummy CSRF controller from logs
Gitlab::RequestForgeryProtection::Controller#index is not actually user-reachable; we use it as a way of testing whether a request contains a valid CSRF token. However, because we put a request through this controller, it gets logged. That means we get confusing log entries for this controller and API paths, which are duplicated - they have the same request ID as the 'actual' request.
Showing
Please register or sign in to comment