diff options
Diffstat (limited to 'actionpack/lib/action_controller/metal')
-rw-r--r-- | actionpack/lib/action_controller/metal/request_forgery_protection.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index eb7057d278..c99fed9212 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -8,10 +8,10 @@ module ActionController #:nodoc: # Controller actions are protected from Cross-Site Request Forgery (CSRF) attacks # by including a token in the rendered html for your application. This token is # stored as a random string in the session, to which an attacker does not have - # access. When a request reaches your application, Rails verifies the received + # access. When a request reaches your application, \Rails verifies the received # token with the token in the session. All requests are checked except GET requests - # as these should be idempotent. It's is important to remember that XML or JSON - # requests are also affected and if you're building an API you'll need + # as these should be idempotent. It's important to remember that XML or JSON + # requests are also affected and if you're building an API you'll need # something like that: # # class ApplicationController < ActionController::Base |