Contents

# frozen_string_literal: true

module Quilt
  class TrustedUiServerCsrfStrategy
    def initialize(controller)
      @controller = controller
    end

    def handle_unverified_request
      return if node_server_side_render?

      fallback_handler.handle_unverified_request
    end

    private

    def node_server_side_render?
      @controller.request.headers['x-shopify-server-side-rendered'] == '1'
    end

    def fallback_handler
      ActionController::RequestForgeryProtection::ProtectionMethods::Exception.new(@controller)
    end
  end
end

Version data entries

27 entries across 27 versions & 1 rubygems

Version	Path
quilt_rails-3.5.5	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.5.4	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.5.2	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.5.1	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.5.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.4.2	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.4.1	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.4.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.3.1	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.3.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.2.1	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.1.1	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.1.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-3.0.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-2.0.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-1.13.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-1.12.2	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-1.12.1	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-1.12.0	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb
quilt_rails-1.11.1	lib/quilt_rails/trusted_ui_server_csrf_strategy.rb