aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/request_forgery_protection.rb
Commit message (Collapse)AuthorAgeFilesLines
* Better error messages if you leave out the :secret option for request ↵Rick Olson2007-09-281-1/+5
| | | | | | forgery protection. Closes #9670 [rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7671 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Allow ability to disable request forgery protection, disable it in test mode ↵Rick Olson2007-09-281-3/+11
| | | | | | by default. Closes #9693 [lifofifo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7668 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Change from InvalidToken to InvalidAuthenticityToken to be more specificDavid Heinemeier Hansson2007-09-241-7/+12
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7623 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* port over some of the csrf_killer README docsRick Olson2007-09-241-0/+13
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7614 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Beefed up docs a bitDavid Heinemeier Hansson2007-09-241-17/+27
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7612 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Rename some RequestForgeryProtection methods. The class method is now ↵Rick Olson2007-09-231-20/+31
| | | | | | #protect_from_forgery, and the default parameter is now 'authenticity_token'. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7596 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model ↵Rick Olson2007-09-231-0/+75
that verifies session-specific _tokens for non-GET requests. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7592 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-02 21:57:24 +0000