diff options
| author | Piotr Sarnacki <drogus@gmail.com> | 2012-03-28 04:03:50 +0200 |
|---|---|---|
| committer | Piotr Sarnacki <drogus@gmail.com> | 2012-03-28 14:37:23 +0200 |
| commit | d646d9d2e76a66037cb258c179a6ca5133f13ede (patch) | |
| tree | 0430fc84a0a89e29a4b5cd97a480465fe5e26e89 /actionpack/CHANGELOG.md | |
| parent | 2d5b60e982cf210c36f849185382546cf16b52b9 (diff) | |
| download | rails-d646d9d2e76a66037cb258c179a6ca5133f13ede.tar.gz rails-d646d9d2e76a66037cb258c179a6ca5133f13ede.tar.bz2 rails-d646d9d2e76a66037cb258c179a6ca5133f13ede.zip | |
Added config.action_view.embed_authenticity_token_in_remote_forms
There is a regression introduced in 16ee611fa, which breaks
remote forms that should also work without javascript. This commit
introduces config option that allows to configure this behavior
defaulting to the old behavior (ie. include authenticity token
in remote forms by default)
Diffstat (limited to 'actionpack/CHANGELOG.md')
| -rw-r--r-- | actionpack/CHANGELOG.md | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 465d19e50d..d275569cf6 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,5 +1,7 @@ ## Rails 3.2.3 (unreleased) ## +* Add `config.action_view.embed_authenticity_token_in_remote_forms` (defaults to true) which allows to set if authenticity token will be included by default in remote forms. If you change it to false, you can still force authenticity token by passing `:authenticity_token => true` in form options *Piotr Sarnacki* + * Do not include the authenticity token in forms where remote: true as ajax forms use the meta-tag value *DHH* * Turn off verbose mode of rack-cache, we still have X-Rack-Cache to |