htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable Sentry context for render_protected_upload

Browse Source 
In this action, we are not using a regular cookie/user to authenticate. However, we have a special token, that is JWT-based. Since it has the same name as the login token sent via email, we previously searched the database for it as part of configuring the Sentry context. This is now avoided.
This commit is contained in:
Sebastian Serth
2023-12-19 09:40:18 +01:00
committed by Sebastian Serth
parent f20fbbbd7a
commit 8c41aa5a73
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/code_ocean/files_controller.rb
View File

@ -9,6 +9,7 @@ module CodeOcean
content_security_policy false, only: :render_protected_upload
skip_before_action :deny_access_from_render_host, only: :render_protected_upload
skip_before_action :verify_authenticity_token, only: :render_protected_upload
skip_before_action :set_sentry_context, only: :render_protected_upload
before_action :require_user!, except: :render_protected_upload
# In case the .realpath cannot resolve a file (for example because it is no longer available)