summaryrefslogtreecommitdiffstats
path: root/java/com/google/gerrit/httpd/XsrfCookieFilter.java
diff options
context:
space:
mode:
Diffstat (limited to 'java/com/google/gerrit/httpd/XsrfCookieFilter.java')
-rw-r--r--java/com/google/gerrit/httpd/XsrfCookieFilter.java8
1 files changed, 6 insertions, 2 deletions
diff --git a/java/com/google/gerrit/httpd/XsrfCookieFilter.java b/java/com/google/gerrit/httpd/XsrfCookieFilter.java
index d15ecacd59..079efa4023 100644
--- a/java/com/google/gerrit/httpd/XsrfCookieFilter.java
+++ b/java/com/google/gerrit/httpd/XsrfCookieFilter.java
@@ -32,6 +32,7 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.eclipse.jgit.http.server.GitSmartHttpTools;
@Singleton
public class XsrfCookieFilter implements Filter {
@@ -50,8 +51,11 @@ public class XsrfCookieFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse rsp, FilterChain chain)
throws IOException, ServletException {
- WebSession s = user.get().isIdentifiedUser() ? session.get() : null;
- setXsrfTokenCookie((HttpServletRequest) req, (HttpServletResponse) rsp, s);
+ HttpServletRequest httpRequest = (HttpServletRequest) req;
+ if (!GitSmartHttpTools.isGitClient(httpRequest)) {
+ WebSession s = user.get().isIdentifiedUser() ? session.get() : null;
+ setXsrfTokenCookie(httpRequest, (HttpServletResponse) rsp, s);
+ }
chain.doFilter(req, rsp);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 09:59:54 +0000