From 07a49d5cb5dba6b716abee37afe8276439a7bb46 Mon Sep 17 00:00:00 2001
From: Viktar Donich <viktard@google.com>
Date: Fri, 19 Aug 2016 16:20:39 -0700
Subject: [PATCH] Serve XSRF_COOKIE with /accounts/self/detail

Bug: Issue 4285
Change-Id: I03d78cf23e23328acab4284d8080dddc99ce1337
---
 .../src/main/java/com/google/gerrit/httpd/UrlModule.java         | 1 +
 1 file changed, 1 insertion(+)

diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/UrlModule.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/UrlModule.java
index 2c67182121..c1f4da0d29 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/UrlModule.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/UrlModule.java
@@ -64,6 +64,7 @@ class UrlModule extends ServletModule {
 
     if (options.enableDefaultUi()) {
       filter("/").through(XsrfCookieFilter.class);
+      filter("/accounts/self/detail").through(XsrfCookieFilter.class);
       serve("/").with(HostPageServlet.class);
       serve("/Gerrit").with(LegacyGerritServlet.class);
       serve("/Gerrit/*").with(legacyGerritScreen());