Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 31 lines (29 sloc) 0.989 kb
78de17c Jeremy Kemper Expose CSRF tag for UJS adapters
jeremy authored
1 module ActionView
5a0bc2c Rizwan Reza Adds title and description where needed.
rizwanreza authored
2 # = Action View CSRF Helper
78de17c Jeremy Kemper Expose CSRF tag for UJS adapters
jeremy authored
3 module Helpers
4 module CsrfHelper
a87b92d Xavier Noria revises implementation and documentation of csrf_meta_tags, and aliases ...
fxn authored
5 # Returns meta tags "csrf-param" and "csrf-token" with the name of the cross-site
6 # request forgery protection parameter and token, respectively.
7 #
8 # <head>
9 # <%= csrf_meta_tags %>
10 # </head>
11 #
12 # These are used to generate the dynamic forms that implement non-remote links with
13 # <tt>:method</tt>.
14 #
15 # Note that regular forms generate hidden fields, and that Ajax calls are whitelisted,
16 # so they do not use these tags.
17 def csrf_meta_tags
2cdc1f0 James Robinson Make csrf_meta_tags use the tag helper
robinjam authored
18 if protect_against_forgery?
19 [
20 tag('meta', :name => 'csrf-param', :content => request_forgery_protection_token),
21 tag('meta', :name => 'csrf-token', :content => form_authenticity_token)
22 ].join("\n").html_safe
23 end
78de17c Jeremy Kemper Expose CSRF tag for UJS adapters
jeremy authored
24 end
a87b92d Xavier Noria revises implementation and documentation of csrf_meta_tags, and aliases ...
fxn authored
25
26 # For backwards compatibility.
27 alias csrf_meta_tag csrf_meta_tags
78de17c Jeremy Kemper Expose CSRF tag for UJS adapters
jeremy authored
28 end
29 end
30 end
Something went wrong with that request. Please try again.