Methods
Class
| Visibility | Signature |
|---|---|
| public | included(base) |
Instance
| Visibility | Signature |
|---|---|
| protected | form_authenticity_token() |
| protected | protect_against_forgery?() |
| protected | verifiable_request_format?() |
| protected | verified_request?() |
| protected | verify_authenticity_token() |
Class Method Detail
included(base)
Instance Method Detail
form_authenticity_token()
Sets the token value for the current session. Pass a :secret option in protect_from_forgery to add a custom salt to the hash.
protect_against_forgery?()
verifiable_request_format?()
verified_request?()
Returns true if the request is verified, false otherwise. Checks:
- Is the format restricted? By default, only HTML and AJAX requests are checked.
- Is it a GET request? GET requests should be safe and idempotent.
- Does the form_authenticity_token match the given token value from the params?
verify_authenticity_token()
The actual before_filter that is used. Modify this to change how you handle unverified requests.
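The checks listed for verified_request? and the reject step of verify_authenticity_token, as an added example in plain Ruby. It is not the framework's own source: the Request struct, the ForgeryCheck class, the UnverifiedRequest error, the :csrf_token session key and the authenticity_token parameter name are assumptions, and the constant-time comparison is an added hardening choice.

```ruby
require "securerandom"

# Hypothetical stand-ins for the controller's request object and error type.
Request = Struct.new(:verb, :format, :params)
class UnverifiedRequest < StandardError; end

class ForgeryCheck
  VERIFIABLE_FORMATS = %i[html ajax].freeze # assumption: the default "HTML and AJAX"

  def initialize(session)
    @session = session
  end

  # Sets the token for the session on first use, then returns the same value.
  def form_authenticity_token
    @session[:csrf_token] ||= SecureRandom.base64(32)
  end

  def verifiable_request_format?(request)
    VERIFIABLE_FORMATS.include?(request.format)
  end

  # The three documented checks, in order: format, GET, token match.
  def verified_request?(request)
    return true unless verifiable_request_format?(request)
    return true if request.verb == :get
    given = request.params[:authenticity_token].to_s
    secure_compare(form_authenticity_token, given)
  end

  # The filter step: raise instead of letting an unverified request continue.
  def verify_authenticity_token(request)
    verified_request?(request) || raise(UnverifiedRequest, "token mismatch")
  end

  private

  # Constant-time comparison (added hardening, not stated on this page).
  def secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Constructed demo: a POST carrying the session's token passes, one without it fails.
check = ForgeryCheck.new({})
legit = Request.new(:post, :html, { authenticity_token: check.form_authenticity_token })
forged = Request.new(:post, :html, {})
puts check.verified_request?(legit), check.verified_request?(forged) # true, false
```

The first two checks return true without looking at the token, so a state-changing GET action or an endpoint served in an unchecked format gets no protection from this filter.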