aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal/request_forgery_protection.rb
diff options
context:
space:
mode:
Diffstat (limited to 'actionpack/lib/action_controller/metal/request_forgery_protection.rb')
-rw-r--r--actionpack/lib/action_controller/metal/request_forgery_protection.rb4
1 files changed, 2 insertions, 2 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index 356493bde6..4cb634477e 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -44,7 +44,7 @@ module ActionController #:nodoc:
# during request.
#
# We may want to disable CSRF protection for APIs since they are typically
- # designed to be state-less. That is, the requestion API client will handle
+ # designed to be state-less. That is, the request API client will handle
# the session for you instead of Rails.
#
# The token parameter is named <tt>authenticity_token</tt> by default. The name and
@@ -258,7 +258,7 @@ module ActionController #:nodoc:
# Returns true or false if a request is verified. Checks:
#
- # * is it a GET or HEAD request? Gets should be safe and idempotent
+ # * Is it a GET or HEAD request? Gets should be safe and idempotent
# * Does the form_authenticity_token match the given token value from the params?
# * Does the X-CSRF-Token header match the form_authenticity_token
def verified_request?
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-08 18:14:50 +0000