diff options
Diffstat (limited to 'railties/lib/rails/generators')
3 files changed, 8 insertions, 5 deletions
diff --git a/railties/lib/rails/generators/app_base.rb b/railties/lib/rails/generators/app_base.rb index 8e9083e6eb..f3333d0acb 100644 --- a/railties/lib/rails/generators/app_base.rb +++ b/railties/lib/rails/generators/app_base.rb @@ -58,6 +58,9 @@ module Rails class_option :skip_test_unit, :type => :boolean, :aliases => "-T", :default => false, :desc => "Skip Test::Unit files" + class_option :http_only, :type => :boolean, :default => false, + :desc => "Preconfigure smaller stack for HTTP only apps" + class_option :help, :type => :boolean, :aliases => "-h", :group => :rails, :desc => "Show this help message and quit" end diff --git a/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb b/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb deleted file mode 100644 index b3d6adad2a..0000000000 --- a/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb +++ /dev/null @@ -1,5 +0,0 @@ -class ApplicationController < ActionController::Base - # prevent CSRF attacks by raising an exception, - # if your application has an API, you'll probably need to use :reset_session - protect_from_forgery :with => :exception -end diff --git a/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb.tt b/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb.tt new file mode 100644 index 0000000000..699b2c1119 --- /dev/null +++ b/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb.tt @@ -0,0 +1,5 @@ +class ApplicationController < ActionController::<%= options.http_only? ? "HTTP" : "Base" %> + # Prevent CSRF attacks by raising an exception. + # For APIs, you may want to use :reset_session instead. + <%= comment_if :http_only %>protect_from_forgery :with => :exception +end |