diff options
| author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-05-06 14:30:21 -0300 |
|---|---|---|
| committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-05-06 14:30:21 -0300 |
| commit | 2bb008a6cfa5ddfc4442fe7ec979e4861c9f4e09 (patch) | |
| tree | 0cc6b4666fa6635b03da195b46b9d0764de3a888 /actionpack/lib/action_controller/metal/request_forgery_protection.rb | |
| parent | bdcd5f94b2efdf661f201917d63476c245aa7c09 (diff) | |
| parent | 7d5a858e5ce54d449066ad0a00917248475fa7f0 (diff) | |
| download | rails-2bb008a6cfa5ddfc4442fe7ec979e4861c9f4e09.tar.gz rails-2bb008a6cfa5ddfc4442fe7ec979e4861c9f4e09.tar.bz2 rails-2bb008a6cfa5ddfc4442fe7ec979e4861c9f4e09.zip | |
Merge pull request #14945 from tomkadwill/form_authenticity_param_refactor
Moved 'params[request_forgery_protection_token]' into its own method and...
Diffstat (limited to 'actionpack/lib/action_controller/metal/request_forgery_protection.rb')
| -rw-r--r-- | actionpack/lib/action_controller/metal/request_forgery_protection.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index e3b1f5ae7c..1355fe87d0 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -247,7 +247,7 @@ module ActionController #:nodoc: # * Does the X-CSRF-Token header match the form_authenticity_token def verified_request? !protect_against_forgery? || request.get? || request.head? || - form_authenticity_token == params[request_forgery_protection_token] || + form_authenticity_token == form_authenticity_param || form_authenticity_token == request.headers['X-CSRF-Token'] end |