aboutsummaryrefslogblamecommitdiffstats
path: root/actionpack/lib/action_view/helpers/csrf_helper.rb
blob: 3d03f6aac6d5b36c16333764402ed4bfd0fa832b (plain) (tree)
1
2
3
4
5
6
7
8
9
                 
                             

                     

                                                                               

                                   
                                                                                                                                                                                                                




           
module ActionView
  # = Action View CSRF Helper
  module Helpers
    module CsrfHelper
      # Returns a meta tag with the cross-site request forgery protection token
      # for forms to use. Place this in your head.
      def csrf_meta_tag
        if protect_against_forgery?
          %(<meta name="csrf-param" content="#{Rack::Utils.escape_html(request_forgery_protection_token)}"/>\n<meta name="csrf-token" content="#{Rack::Utils.escape_html(form_authenticity_token)}"/>).html_safe
        end
      end
    end
  end
end