diff options
author | Ben Toews <mastahyeti@users.noreply.github.com> | 2016-01-04 12:23:55 -0700 |
---|---|---|
committer | Ben Toews <mastahyeti@users.noreply.github.com> | 2016-01-04 12:26:38 -0700 |
commit | 3e98819e20bc113343d4d4c0df614865ad5a9d3a (patch) | |
tree | fa003a9cbbec97f7d1cdb9a87a2c065473ad2e4d /actionview/lib/action_view/helpers/form_tag_helper.rb | |
parent | e165f7fa6044926796c9d9a8bb9a81bc78431d4f (diff) | |
download | rails-3e98819e20bc113343d4d4c0df614865ad5a9d3a.tar.gz rails-3e98819e20bc113343d4d4c0df614865ad5a9d3a.tar.bz2 rails-3e98819e20bc113343d4d4c0df614865ad5a9d3a.zip |
add option for per-form CSRF tokens
Diffstat (limited to 'actionview/lib/action_view/helpers/form_tag_helper.rb')
-rw-r--r-- | actionview/lib/action_view/helpers/form_tag_helper.rb | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/actionview/lib/action_view/helpers/form_tag_helper.rb b/actionview/lib/action_view/helpers/form_tag_helper.rb index 79a1a242bf..d521553481 100644 --- a/actionview/lib/action_view/helpers/form_tag_helper.rb +++ b/actionview/lib/action_view/helpers/form_tag_helper.rb @@ -870,10 +870,16 @@ module ActionView '' when /^post$/i, "", nil html_options["method"] = "post" - token_tag(authenticity_token) + token_tag(authenticity_token, form_options: { + action: html_options["action"], + method: "post" + }) else html_options["method"] = "post" - method_tag(method) + token_tag(authenticity_token) + method_tag(method) + token_tag(authenticity_token, form_options: { + action: html_options["action"], + method: method + }) end if html_options.delete("enforce_utf8") { true } |