Sha256: a15a4a44028c3c05163f698778b4565b0cb82fe323f8558c17af00a93e9bb4ed
Contents?: true
Size: 1.17 KB
Versions: 89
Compression:
Stored size: 1.17 KB
Contents
# frozen_string_literal: true module ActionView # = Action View CSRF Helper module Helpers #:nodoc: module CsrfHelper # Returns meta tags "csrf-param" and "csrf-token" with the name of the cross-site # request forgery protection parameter and token, respectively. # # <head> # <%= csrf_meta_tags %> # </head> # # These are used to generate the dynamic forms that implement non-remote links with # <tt>:method</tt>. # # You don't need to use these tags for regular forms as they generate their own hidden fields. # # For AJAX requests other than GETs, extract the "csrf-token" from the meta-tag and send as the # "X-CSRF-Token" HTTP header. If you are using rails-ujs this happens automatically. # def csrf_meta_tags if protect_against_forgery? [ tag("meta", name: "csrf-param", content: request_forgery_protection_token), tag("meta", name: "csrf-token", content: form_authenticity_token) ].join("\n").html_safe end end # For backwards compatibility. alias csrf_meta_tag csrf_meta_tags end end end
Version data entries
89 entries across 89 versions & 4 rubygems