Skip to content

Instantly share code, notes, and snippets.

@forced-request

forced-request/request_forgery_protection.rb

Last active March 27, 2017 17:55
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save forced-request/6d86ed02aba073bc2f70 to your computer and use it in GitHub Desktop.
Save forced-request/6d86ed02aba073bc2f70 to your computer and use it in GitHub Desktop.
Download ZIP
handle_unverified_request
Raw
request_forgery_protection.rb
def handle_unverified_request
reset_session
end
def verified_request?
!protect_against_forgery? || request.get? ||
form_authenticity_token == params[request_forgery_protection_token] ||
form_authenticity_token == request.headers['X-CSRF-Token']
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment