diff options
4 files changed, 4 insertions, 4 deletions
diff --git a/actionpack/lib/action_view/helpers/csrf_helper.rb b/actionpack/lib/action_view/helpers/csrf_helper.rb index 092855b578..65c8debc76 100644 --- a/actionpack/lib/action_view/helpers/csrf_helper.rb +++ b/actionpack/lib/action_view/helpers/csrf_helper.rb @@ -17,7 +17,7 @@ module ActionView # Note that regular forms generate hidden fields, and that Ajax calls are whitelisted, # so they do not use these tags. def csrf_meta_tags - <<-METAS.strip_heredoc.html_safe if protect_against_forgery? + <<-METAS.strip_heredoc.chomp.html_safe if protect_against_forgery? <meta name="csrf-param" content="#{Rack::Utils.escape_html(request_forgery_protection_token)}"/> <meta name="csrf-token" content="#{Rack::Utils.escape_html(form_authenticity_token)}"/> METAS diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index 7e169431f4..5af25a0894 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -220,7 +220,7 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase test 'should emit a csrf-token meta tag' do ActiveSupport::SecureRandom.stubs(:base64).returns(@token + '<=?') get :meta - assert_equal <<-METAS.strip_heredoc, @response.body + assert_equal <<-METAS.strip_heredoc.chomp, @response.body <meta name="csrf-param" content="authenticity_token"/> <meta name="csrf-token" content="cf50faa3fe97702ca1ae<=?"/> METAS diff --git a/railties/guides/source/getting_started.textile b/railties/guides/source/getting_started.textile index 9eae712a93..92b9131b59 100644 --- a/railties/guides/source/getting_started.textile +++ b/railties/guides/source/getting_started.textile @@ -559,7 +559,7 @@ The view is only part of the story of how HTML is displayed in your web browser. <title>Blog</title> <%= stylesheet_link_tag :all %> <%= javascript_include_tag :defaults %> - <%= csrf_meta_tags %> + <%= csrf_meta_tag %> </head> <body style="background: #EEEEEE;"> diff --git a/railties/lib/rails/generators/rails/app/templates/app/views/layouts/application.html.erb.tt b/railties/lib/rails/generators/rails/app/templates/app/views/layouts/application.html.erb.tt index 1de78eecae..1dd112b4a6 100644 --- a/railties/lib/rails/generators/rails/app/templates/app/views/layouts/application.html.erb.tt +++ b/railties/lib/rails/generators/rails/app/templates/app/views/layouts/application.html.erb.tt @@ -4,7 +4,7 @@ <title><%= app_const_base %></title> <%%= stylesheet_link_tag :all %> <%%= javascript_include_tag :defaults %> - <%%= csrf_meta_tags %> + <%%= csrf_meta_tag %> </head> <body> |