Sha256: 314d5d120f0ea52ab69d345b7b4205452f0d0ef4086089cce1493209f8505bcf

Contents?: true

Size: 933 Bytes

Versions: 7

Compression:

Stored size: 933 Bytes

Contents

module Immunio
  module CsrfHook
    extend ActiveSupport::Concern

    included do
      if method_defined? :verify_authenticity_token
        Immunio::Utils.alias_method_chain self, :verify_authenticity_token, :immunio
      end
    end

    protected
      def verify_authenticity_token_with_immunio
        Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
          Immunio.logger.debug { "ActiveSupport checking CSRF token" }

          Immunio.run_hook! "csrf", "framework_csrf_check", valid: verified_request?

          Request.pause "plugin", "#{Module.nesting[0]}::#{__method__}" do
            verify_authenticity_token_without_immunio
          end
        end
      end
  end
end

Immunio::Plugin.load 'ActionController (CSRF)',
                     hooks: %w( framework_csrf_check ) do |plugin|

  ActionController::Base.send :include, Immunio::CsrfHook

  plugin.loaded! ActionPack::VERSION::STRING
end

Version data entries

7 entries across 7 versions & 1 rubygems

Version Path
immunio-1.1.18 lib/immunio/plugins/csrf.rb
immunio-1.1.16 lib/immunio/plugins/csrf.rb
immunio-1.1.15 lib/immunio/plugins/csrf.rb
immunio-1.1.13 lib/immunio/plugins/csrf.rb
immunio-1.1.11 lib/immunio/plugins/csrf.rb
immunio-1.1.10 lib/immunio/plugins/csrf.rb
immunio-1.1.7 lib/immunio/plugins/csrf.rb