diff options
author | Pratik Naik <pratiknaik@gmail.com> | 2009-07-25 16:03:58 +0100 |
---|---|---|
committer | Pratik Naik <pratiknaik@gmail.com> | 2009-07-25 16:03:58 +0100 |
commit | e033b5d037c303a34e0c5aec2b38ec6270f00f86 (patch) | |
tree | 7c69e6ef81028d0c1978d0b1dcea14893a146554 /actionpack/lib/action_controller/base | |
parent | 0c68d23f19010379a9320690ca17a26743c8f071 (diff) | |
download | rails-e033b5d037c303a34e0c5aec2b38ec6270f00f86.tar.gz rails-e033b5d037c303a34e0c5aec2b38ec6270f00f86.tar.bz2 rails-e033b5d037c303a34e0c5aec2b38ec6270f00f86.zip |
Merge docrails
Diffstat (limited to 'actionpack/lib/action_controller/base')
-rw-r--r-- | actionpack/lib/action_controller/base/http_authentication.rb | 2 | ||||
-rw-r--r-- | actionpack/lib/action_controller/base/request_forgery_protection.rb | 3 |
2 files changed, 2 insertions, 3 deletions
diff --git a/actionpack/lib/action_controller/base/http_authentication.rb b/actionpack/lib/action_controller/base/http_authentication.rb index 2519f55269..525787bf92 100644 --- a/actionpack/lib/action_controller/base/http_authentication.rb +++ b/actionpack/lib/action_controller/base/http_authentication.rb @@ -276,7 +276,7 @@ module ActionController # # The nonce is opaque to the client. Composed of Time, and hash of Time with secret # key from the Rails session secret generated upon creation of project. Ensures - # the time cannot be modifed by client. + # the time cannot be modified by client. def nonce(time = Time.now) t = time.to_i hashed = [t, secret_key] diff --git a/actionpack/lib/action_controller/base/request_forgery_protection.rb b/actionpack/lib/action_controller/base/request_forgery_protection.rb index 6ba86cd0be..ad06657f86 100644 --- a/actionpack/lib/action_controller/base/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/base/request_forgery_protection.rb @@ -106,8 +106,7 @@ module ActionController #:nodoc: !request.content_type.nil? && request.content_type.verify_request? end - # Sets the token value for the current session. Pass a <tt>:secret</tt> option - # in +protect_from_forgery+ to add a custom salt to the hash. + # Sets the token value for the current session. def form_authenticity_token session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32) end |