diff options
| author | Jeremy Kemper <jeremy@bitsweat.net> | 2007-12-10 01:15:30 +0000 |
|---|---|---|
| committer | Jeremy Kemper <jeremy@bitsweat.net> | 2007-12-10 01:15:30 +0000 |
| commit | 380ddd5310753fdf3082198e719642d44c68e69f (patch) | |
| tree | 89ff14ae58cdaceae02d0adeede4ea60f43b61f1 /actionpack/lib/action_controller/request_forgery_protection.rb | |
| parent | a93fea800f598a752f66dcc3de76a986461af72c (diff) | |
| download | rails-380ddd5310753fdf3082198e719642d44c68e69f.tar.gz rails-380ddd5310753fdf3082198e719642d44c68e69f.tar.bz2 rails-380ddd5310753fdf3082198e719642d44c68e69f.zip | |
Document how to disable forgery protection for tests. Useful note for those upgrading from 1.x. Closes #10440 [Trevor Turk]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8350 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/lib/action_controller/request_forgery_protection.rb')
| -rw-r--r-- | actionpack/lib/action_controller/request_forgery_protection.rb | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/request_forgery_protection.rb b/actionpack/lib/action_controller/request_forgery_protection.rb index 035bad7498..75f9c0b284 100644 --- a/actionpack/lib/action_controller/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/request_forgery_protection.rb @@ -54,6 +54,12 @@ module ActionController #:nodoc: # skip_before_filter :verify_authenticity_token # end # + # If you are upgrading from Rails 1.x, disable forgery protection to + # simplify your tests. Add this to config/environments/test.rb: + # + # # Disable request forgery protection in test environment + # config.action_controller.allow_forgery_protection = false + # # Valid Options: # # * <tt>:only/:except</tt> - passed to the before_filter call. Set which actions are verified. @@ -123,4 +129,4 @@ module ActionController #:nodoc: allow_forgery_protection && request_forgery_protection_token end end -end
\ No newline at end of file +end |