diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2016-02-01 17:17:56 -0800 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2016-02-01 17:18:08 -0800 |
commit | 538bce1f7c676f4a5b3d800ed0f68ec065776a7f (patch) | |
tree | 1c92ddf619d9b4f1c6326993dba7500051f51ac4 /railties/lib/rails/test_unit/railtie.rb | |
parent | 96b9609e2b006d7b75d099a29729fe8d805f12bf (diff) | |
download | rails-538bce1f7c676f4a5b3d800ed0f68ec065776a7f.tar.gz rails-538bce1f7c676f4a5b3d800ed0f68ec065776a7f.tar.bz2 rails-538bce1f7c676f4a5b3d800ed0f68ec065776a7f.zip |
Generated engines should protect from forgery
Generated engines should call `protect_from_forgery`. If this method
isn't called, then the Engine could be susceptible to XSS attacks.
Thanks @tomekr for reporting this to us!
Diffstat (limited to 'railties/lib/rails/test_unit/railtie.rb')
0 files changed, 0 insertions, 0 deletions