X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/6063ac4a119f6defaf06b282540d815df7b040ae..refs/pull/2023/head:/app/Http/Middleware/VerifyCsrfToken.php

diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php
index 291b8326f..bdeb26554 100644
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -6,12 +6,19 @@ use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
 
 class VerifyCsrfToken extends Middleware
 {
+    /**
+     * Indicates whether the XSRF-TOKEN cookie should be set on the response.
+     *
+     * @var bool
+     */
+    protected $addHttpCookie = true;
+
     /**
      * The URIs that should be excluded from CSRF verification.
      *
      * @var array
      */
     protected $except = [
-        //
+        'saml2/*'
     ];
 }