GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
This implements #893 using a slightly modified version of rack-protection.
Please do not merge as long as the associated pull request is closed. If it is not accepted, the change can cleanly ported by ourselves.
OK great, thanks for putting this together. Nice to have an authenticity token built in.
Add csrf token handling
This adds csrf token handling based on a modified version of Rack::Protection.
Add a csrf_token_field helper for forms
The token field is automatically generated without user interaction
Use the master version of rack-protection
I ported rack/protection#46 temporarily. It is now extension in core which should be removed once rhk releases the next rack-protection (this weekend).
Port rack/protection#46 temporarily
Revert "Port rack/protection#46 temporarily"
This reverts commit 7c207aa.
Remove rack-protection from Gemfile
Add minimum rack-protection version
Merge pull request #1100 from skade/authenticity_token
Add csrf protection through authenticity_token