# frozen_string_literal: true module Quilt class TrustedUiServerCsrfStrategy def initialize(controller) @controller = controller end def handle_unverified_request return if node_server_side_render? fallback_handler.handle_unverified_request end private def node_server_side_render? @controller.request.headers['x-shopify-server-side-rendered'] == '1' end def fallback_handler ActionController::RequestForgeryProtection::ProtectionMethods::Exception.new(@controller) end end end