From b383b346600d5325a211376837bc83b7ae472f46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hrvoje=20=C5=A0imi=C4=87?= <shime@twobucks.co>
Date: Sat, 11 Mar 2017 14:17:44 +0100
Subject: [docs] fix ActionController documentation

[ci skip]
---
 .../lib/action_controller/metal/request_forgery_protection.rb  | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'actionpack/lib/action_controller/metal/request_forgery_protection.rb')

diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index e8965a6561..d9a8b9c12d 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -262,9 +262,9 @@ module ActionController #:nodoc:
 
       # Returns true or false if a request is verified. Checks:
       #
-      # * Is it a GET or HEAD request?  Gets should be safe and idempotent
+      # * Is it a GET or HEAD request? GETs should be safe and idempotent
       # * Does the form_authenticity_token match the given token value from the params?
-      # * Does the X-CSRF-Token header match the form_authenticity_token
+      # * Does the X-CSRF-Token header match the form_authenticity_token?
       def verified_request? # :doc:
         !protect_against_forgery? || request.get? || request.head? ||
           (valid_request_origin? && any_authenticity_token_valid?)
@@ -327,7 +327,7 @@ module ActionController #:nodoc:
         if masked_token.length == AUTHENTICITY_TOKEN_LENGTH
           # This is actually an unmasked token. This is expected if
           # you have just upgraded to masked tokens, but should stop
-          # happening shortly after installing this gem
+          # happening shortly after installing this gem.
           compare_with_real_token masked_token, session
 
         elsif masked_token.length == AUTHENTICITY_TOKEN_LENGTH * 2
@@ -336,13 +336,13 @@ module ActionController #:nodoc:
           compare_with_real_token(csrf_token, session) ||
             valid_per_form_csrf_token?(csrf_token, session)
         else
-          false # Token is malformed
+          false # Token is malformed.
         end
       end
 
       def unmask_token(masked_token) # :doc:
         # Split the token into the one-time pad and the encrypted
-        # value and decrypt it
+        # value and decrypt it.
         one_time_pad = masked_token[0...AUTHENTICITY_TOKEN_LENGTH]
         encrypted_csrf_token = masked_token[AUTHENTICITY_TOKEN_LENGTH..-1]
         xor_byte_strings(one_time_pad, encrypted_csrf_token)
-- 
cgit v1.2.3