Merge pull request #5633 from drogus/embed-auth-token-in-remote-forms

Embed auth token in remote forms
author: Santiago Pastorino <santiago@wyeworks.com> 2012-03-28 06:58:17 -0700
committer: Santiago Pastorino <santiago@wyeworks.com> 2012-03-28 10:58:57 -0300
commit: 84ca8c8cd07d700598e87b418370268f146b122c (patch)
tree: ad46958fd3b6266318e6cca057ccc2f306ab82a7 /actionpack/CHANGELOG.md
parent: 4f66586bbfacbce4c07f2b9d8d142be1bf6d4e5e (diff)
download: rails-84ca8c8cd07d700598e87b418370268f146b122c.tar.gz
rails-84ca8c8cd07d700598e87b418370268f146b122c.tar.bz2
rails-84ca8c8cd07d700598e87b418370268f146b122c.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 465d19e50d..d275569cf6 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,5 +1,7 @@
 ## Rails 3.2.3 (unreleased) ##
 
+*   Add `config.action_view.embed_authenticity_token_in_remote_forms` (defaults to true) which allows to set if authenticity token will be included by default in remote forms. If you change it to false, you can still force authenticity token by passing `:authenticity_token => true` in form options *Piotr Sarnacki*
+
 *   Do not include the authenticity token in forms where remote: true as ajax forms use the meta-tag value *DHH*
 
 *   Turn off verbose mode of rack-cache, we still have X-Rack-Cache to
author	Santiago Pastorino <santiago@wyeworks.com>	2012-03-28 06:58:17 -0700
committer	Santiago Pastorino <santiago@wyeworks.com>	2012-03-28 10:58:57 -0300
commit	84ca8c8cd07d700598e87b418370268f146b122c (patch)
tree	ad46958fd3b6266318e6cca057ccc2f306ab82a7 /actionpack/CHANGELOG.md
parent	4f66586bbfacbce4c07f2b9d8d142be1bf6d4e5e (diff)
download	rails-84ca8c8cd07d700598e87b418370268f146b122c.tar.gz rails-84ca8c8cd07d700598e87b418370268f146b122c.tar.bz2 rails-84ca8c8cd07d700598e87b418370268f146b122c.zip