Sha256: 7ad57803ab02ac4878264c8916f4f54f16a166d937f7f0794a5f34e123c18c63
Contents?: true
Size: 727 Bytes
Versions: 27
Compression:
Stored size: 727 Bytes
Contents
require 'rack/protection'

module Rack
  module Protection
    ##
    # Prevented attack::   CSRF
    # Supported browsers:: all
    # More infos::         http://en.wikipedia.org/wiki/Cross-site_request_forgery
    #
    # Only accepts submitted forms if a given access token matches the token
    # included in the session. Does not expect such a token from Ajax request.
    #
    # This middleware is not used when using the Rack::Protection collection,
    # since it might be a security issue, depending on your application
    #
    # Compatible with rack-csrf.
    class FormToken < AuthenticityToken
      def accepts?(env)
        env["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest" or super
      end
    end
  end
end
Version data entries
27 entries across 24 versions & 4 rubygems