From 0d42b3cb93bf5c3f37c7cbb146d47aa0ae0854ce Mon Sep 17 00:00:00 2001
From: Brian Gough <bjg@network-theory.co.uk>
Date: Tue, 26 Jan 2016 15:52:00 +0000
Subject: [PATCH] don't log csrf errors to sentry

---
 services/web/app.coffee | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/services/web/app.coffee b/services/web/app.coffee
index 5b96d1db0b..3d45307e5d 100644
--- a/services/web/app.coffee
+++ b/services/web/app.coffee
@@ -19,6 +19,10 @@ argv = require("optimist")
 	.argv
 
 Server.app.use (error, req, res, next) ->
+	if error?.code is 'EBADCSRFTOKEN'
+		logger.log err: error,url:req.url, method:req.method, user:req?.sesson?.user, "invalid csrf"
+		res.sendStatus(403)
+		return
 	logger.error err: error, url:req.url, method:req.method, user:req?.sesson?.user, "error passed to top level next middlewear"
 	res.statusCode = error.status or 500
 	if res.statusCode == 500