From 8b4dca109a307e807a34a86e51f41b5d8a7d75b2 Mon Sep 17 00:00:00 2001
From: Carl Lerche <carllerche@mac.com>
Date: Thu, 11 Mar 2010 10:08:18 -0800
Subject: ActionController::Base.request_forgery_protection_token should
 actually be the name of the token and not true.

---
 actionpack/lib/action_controller/metal/request_forgery_protection.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'actionpack')

diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index 6765314df2..39a809657b 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -12,7 +12,7 @@ module ActionController #:nodoc:
     included do
       # Sets the token parameter name for RequestForgery. Calling +protect_from_forgery+
       # sets it to <tt>:authenticity_token</tt> by default.
-      config.request_forgery_protection_token ||= true
+      config.request_forgery_protection_token ||= :authenticity_token
 
       # Controls whether request forgergy protection is turned on or not. Turned off by default only in test mode.
       config.allow_forgery_protection ||= true
-- 
cgit v1.2.3