You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current forgery protection is not raise any exceptions as said in documentation. It just quietly reset session. And request processing goes to controller action.
CSRF protection is turned on with the protect_from_forgery method,
which will check the token and raise an ActionController::InvalidAuthenticityToken
if it doesn't match what was expected. A call to this method is generated for new
\Rails applications by default. You can customize the error message by editing
public/422.html.
def verify_authenticity_token
verified_request? || handle_unverified_request
end
def handle_unverified_request
reset_session
end
The text was updated successfully, but these errors were encountered:
Imported from Lighthouse. Original ticket at: http://rails.lighthouseapp.com/projects/8994/tickets/6674
Created by Anton Topchii - 2011-04-05 20:58:29 UTC
Current forgery protection is not raise any exceptions as said in documentation. It just quietly reset session. And request processing goes to controller action.
CSRF protection is turned on with the protect_from_forgery method,
which will check the token and raise an ActionController::InvalidAuthenticityToken
if it doesn't match what was expected. A call to this method is generated for new
\Rails applications by default. You can customize the error message by editing
public/422.html.
The text was updated successfully, but these errors were encountered: