diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2012-03-28 06:58:17 -0700 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2012-03-28 10:58:57 -0300 |
commit | 84ca8c8cd07d700598e87b418370268f146b122c (patch) | |
tree | ad46958fd3b6266318e6cca057ccc2f306ab82a7 /actionpack/CHANGELOG.md | |
parent | 4f66586bbfacbce4c07f2b9d8d142be1bf6d4e5e (diff) | |
download | rails-84ca8c8cd07d700598e87b418370268f146b122c.tar.gz rails-84ca8c8cd07d700598e87b418370268f146b122c.tar.bz2 rails-84ca8c8cd07d700598e87b418370268f146b122c.zip |
Merge pull request #5633 from drogus/embed-auth-token-in-remote-forms
Embed auth token in remote forms
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r-- | actionpack/CHANGELOG.md | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 465d19e50d..d275569cf6 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,5 +1,7 @@ ## Rails 3.2.3 (unreleased) ## +* Add `config.action_view.embed_authenticity_token_in_remote_forms` (defaults to true) which allows to set if authenticity token will be included by default in remote forms. If you change it to false, you can still force authenticity token by passing `:authenticity_token => true` in form options *Piotr Sarnacki* + * Do not include the authenticity token in forms where remote: true as ajax forms use the meta-tag value *DHH* * Turn off verbose mode of rack-cache, we still have X-Rack-Cache to |