diff options
Diffstat (limited to 'actionpack/lib')
-rw-r--r-- | actionpack/lib/action_view/helpers.rb | 2 | ||||
-rw-r--r-- | actionpack/lib/action_view/helpers/csrf_helper.rb | 12 |
2 files changed, 14 insertions, 0 deletions
diff --git a/actionpack/lib/action_view/helpers.rb b/actionpack/lib/action_view/helpers.rb index ceb0e18d80..b4f649385a 100644 --- a/actionpack/lib/action_view/helpers.rb +++ b/actionpack/lib/action_view/helpers.rb @@ -7,6 +7,7 @@ module ActionView #:nodoc: autoload :AtomFeedHelper, 'action_view/helpers/atom_feed_helper' autoload :CacheHelper, 'action_view/helpers/cache_helper' autoload :CaptureHelper, 'action_view/helpers/capture_helper' + autoload :CsrfHelper, 'action_view/helpers/csrf_helper' autoload :DateHelper, 'action_view/helpers/date_helper' autoload :DebugHelper, 'action_view/helpers/debug_helper' autoload :FormHelper, 'action_view/helpers/form_helper' @@ -40,6 +41,7 @@ module ActionView #:nodoc: include AtomFeedHelper include CacheHelper include CaptureHelper + include CsrfHelper include DateHelper include DebugHelper include FormHelper diff --git a/actionpack/lib/action_view/helpers/csrf_helper.rb b/actionpack/lib/action_view/helpers/csrf_helper.rb new file mode 100644 index 0000000000..2d6af52180 --- /dev/null +++ b/actionpack/lib/action_view/helpers/csrf_helper.rb @@ -0,0 +1,12 @@ +module ActionView + module Helpers + module CsrfHelper + # Returns a meta tag with the request forgery protection token for forms to use. Put this in your head. + def csrf_meta_tag + if protect_against_forgery? + %(<meta name="csrf-token" content="#{Rack::Utils.escape(form_authenticity_token)}"/>).html_safe + end + end + end + end +end |