aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_view/helpers/controller_helper.rb
diff options
context:
space:
mode:
authorAaron Patterson <aaron.patterson@gmail.com>2016-02-01 17:17:56 -0800
committerAaron Patterson <aaron.patterson@gmail.com>2016-02-01 17:44:33 -0800
commit9892626579d1c62c367e5344a1d1642708340f88 (patch)
treeaaf9f35f2dfe7156d0f4f8ae9b1b31b8c0d0f493 /actionpack/lib/action_view/helpers/controller_helper.rb
parenta7a376a6fa9867f4b1af2d7d12dd22d7042c5fe6 (diff)
downloadrails-9892626579d1c62c367e5344a1d1642708340f88.tar.gz
rails-9892626579d1c62c367e5344a1d1642708340f88.tar.bz2
rails-9892626579d1c62c367e5344a1d1642708340f88.zip
Generated engines should protect from forgery
Generated engines should call `protect_from_forgery`. If this method isn't called, then the Engine could be susceptible to XSS attacks. Thanks @tomekr for reporting this to us! Conflicts: railties/lib/rails/generators/rails/plugin/templates/app/controllers/%namespaced_name%/application_controller.rb.tt railties/test/generators/plugin_generator_test.rb
Diffstat (limited to 'actionpack/lib/action_view/helpers/controller_helper.rb')
0 files changed, 0 insertions, 0 deletions