diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2016-02-01 17:17:56 -0800 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2016-02-01 17:44:33 -0800 |
commit | 9892626579d1c62c367e5344a1d1642708340f88 (patch) | |
tree | aaf9f35f2dfe7156d0f4f8ae9b1b31b8c0d0f493 /actionpack/lib/action_view/helpers/controller_helper.rb | |
parent | a7a376a6fa9867f4b1af2d7d12dd22d7042c5fe6 (diff) | |
download | rails-9892626579d1c62c367e5344a1d1642708340f88.tar.gz rails-9892626579d1c62c367e5344a1d1642708340f88.tar.bz2 rails-9892626579d1c62c367e5344a1d1642708340f88.zip |
Generated engines should protect from forgery
Generated engines should call `protect_from_forgery`. If this method
isn't called, then the Engine could be susceptible to XSS attacks.
Thanks @tomekr for reporting this to us!
Conflicts:
railties/lib/rails/generators/rails/plugin/templates/app/controllers/%namespaced_name%/application_controller.rb.tt
railties/test/generators/plugin_generator_test.rb
Diffstat (limited to 'actionpack/lib/action_view/helpers/controller_helper.rb')
0 files changed, 0 insertions, 0 deletions