Enable CSRF token check for JS tests
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
This is a follow-up issue from https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4865#note_61948883:
Test scenarios in context has epics in list in ee/spec/features/epics/new_epic_spec.rb actually work properly (although it doesn't seem so), even in this test CSRF token is not sent from browser back to server, so the test should fail. But it doesn't because for tests we have CSRF token check disabled: config.action_controller.allow_forgery_protection = false (https://gitlab.com/gitlab-org/gitlab-ce/blob/v10.5.0/config/environments/test.rb#L32)
To avoid issues like #4865 (closed) I think it would make sense to enable CSRF token check when running JS tests.