I hereby claim:
- I am forced-request on github.
- I am forcedrequest (https://keybase.io/forcedrequest) on keybase.
- I have a public key whose fingerprint is 5717 2014 FCD3 25E9 0676 55D9 7995 BE99 3DC8 6C86
To claim this, I am signing this object:
def create | |
user = Users.where(:username => params[:sessions][:username]).first | |
unless user.nil? | |
if user.password == compute | |
render :text => "Login Successfully" | |
else | |
render :text => NOT_EXISTS | |
end | |
else | |
render :text => NOT_EXISTS |
I hereby claim:
To claim this, I am signing this object:
<html> | |
<head> | |
<title>Test</title> | |
<script src="jquery-1.11.1.min.js"></script> | |
<script> | |
$(document).ready(function () { | |
alert('hiii'); | |
}); | |
</script> | |
</head> |
class ApplicationController < ActionController::Base | |
protect_from_forgery with: :exception | |
end |
class ApplicationController < ActionController::Base | |
protect_from_forgery | |
# Overload handle_unverified_request to ensure that | |
# exception is raised each time a request does not | |
# pass validation. | |
def handle_unverified_request | |
raise(ActionController::InvalidAuthenticityToken) | |
end | |
end |
class ApplicationController < ActionController::Base | |
protect_from_forgery | |
# Overload handle_unverified_request to ensure that | |
# exception is raised each time a request does not | |
# pass validation. | |
def handle_unverified_request | |
raise(ActionController::InvalidAuthenticityToken) | |
end | |
end |
def reset_session | |
session.destroy if session && session.respond_to?(:destroy) | |
self.session = {} | |
@env['action_dispatch.request.flash_hash'] = nil | |
end |
def handle_unverified_request | |
reset_session | |
end | |
def verified_request? | |
!protect_against_forgery? || request.get? || | |
form_authenticity_token == params[request_forgery_protection_token] || | |
form_authenticity_token == request.headers['X-CSRF-Token'] | |
end |
def verify_authenticity_token | |
unless verified_request? | |
logger.warn "WARNING: Can't verify CSRF token authenticity" if logger | |
handle_unverified_request | |
end | |
end |
def protect_from_forgery(options = {}) | |
self.request_forgery_protection_token ||= :authenticity_token | |
prepend_before_filter :verify_authenticity_token, options | |
end | |
def verify_authenticity_token | |
unless verified_request? | |
logger.warn "WARNING: Can't verify CSRF token authenticity" if logger | |
handle_unverified_request | |
end |