Extract form_authenticity_param instance method so it's overridable in subclasses

author: Jeremy Kemper <jeremy@bitsweat.net> 2009-11-17 23:36:48 -0800
committer: Jeremy Kemper <jeremy@bitsweat.net> 2009-11-17 23:40:06 -0800
commit: e1385be025263fad6d339010d42fe553d1de64af (patch)
tree: 9e514c2c2a0ad77e4b857ee3d52cfbcdc796f802 /actionpack/lib/action_controller/metal/request_forgery_protection.rb
parent: ea290e77e6c50b13a0c9000eceaa5412de6918bc (diff)
download: rails-e1385be025263fad6d339010d42fe553d1de64af.tar.gz
rails-e1385be025263fad6d339010d42fe553d1de64af.tar.bz2
rails-e1385be025263fad6d339010d42fe553d1de64af.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index 113c20a758..173df79ee7 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -101,6 +101,11 @@ module ActionController #:nodoc:
         session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32)
       end
 
+      # The form's authenticity parameter. Override to provide your own.
+      def form_authenticity_param
+        params[request_forgery_protection_token]
+      end
+
       def protect_against_forgery?
         allow_forgery_protection
       end
author	Jeremy Kemper <jeremy@bitsweat.net>	2009-11-17 23:36:48 -0800
committer	Jeremy Kemper <jeremy@bitsweat.net>	2009-11-17 23:40:06 -0800
commit	e1385be025263fad6d339010d42fe553d1de64af (patch)
tree	9e514c2c2a0ad77e4b857ee3d52cfbcdc796f802 /actionpack/lib/action_controller/metal/request_forgery_protection.rb
parent	ea290e77e6c50b13a0c9000eceaa5412de6918bc (diff)
download	rails-e1385be025263fad6d339010d42fe553d1de64af.tar.gz rails-e1385be025263fad6d339010d42fe553d1de64af.tar.bz2 rails-e1385be025263fad6d339010d42fe553d1de64af.zip