@judofyr
Created October 14, 2011 07:11
Protect Camping apps from CSRF
require 'camping'
require 'camping/session'
require 'rack/csrf'

Camping.goes :E

module E
  # Rack::Csrf keeps its token in the Rack session, which Camping::Session provides
  use Rack::Csrf
  include Camping::Session
end

module E::Helpers
  # Override form to always include the CSRF-tag
  def form(*)
    super do
      self << Rack::Csrf.tag(@env)
      yield
    end
  end
end

module E::Controllers
  class Index
    def get
      render :index
    end

    # Reached only when the POST carried a valid CSRF token
    def post
      "OK: #{@input.name}"
    end
  end
end

module E::Views
  def index
    form :action => R(Index), :method => :post do
      input :name => "name"
      input :type => "submit"
    end
  end
end
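
Added example, not part of the original gist and not Rack::Csrf's own code: a stdlib-only model of the check that the middleware and the overridden `form` helper perform together, run against constructed requests. `TokenCheck`, `FIELD`, `KEY`, `APP` and `demo_statuses` are names assumed for this example.

```ruby
require 'securerandom'

# Simplified model of a synchronizer-token check; not Rack::Csrf's own code.
# FIELD and KEY are names assumed for this example.
class TokenCheck
  FIELD = '_csrf'
  KEY   = 'csrf.token'
  SAFE  = %w[GET HEAD OPTIONS].freeze
  def initialize(app)
    @app = app
  end

  # One random token per session; created on first use.
  def self.token(session)
    session[KEY] ||= SecureRandom.urlsafe_base64(32)
  end

  # Hidden field that a form helper would emit inside every <form>.
  def self.tag(session)
    %(<input type="hidden" name="#{FIELD}" value="#{token(session)}" />)
  end

  # env is a constructed Rack-like hash with :method, :session and :params.
  def call(env)
    return @app.call(env) if SAFE.include?(env[:method])
    expected = env[:session][KEY].to_s
    given    = env[:params][FIELD].to_s
    return @app.call(env) if !expected.empty? && secure_eq?(expected, given)
    [403, {}, ['Forbidden']]
  end

  private
  # Constant-time comparison: no early exit on the first differing byte.
  def secure_eq?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

APP = TokenCheck.new(->(env) { [200, {}, ["OK: #{env[:params]['name']}"]] })

# Constructed requests against one session: forged, guessed and genuine POSTs.
def demo_statuses
  session = {}
  token   = TokenCheck.token(session) # rendering the form creates the token
  [{}, { '_csrf' => 'guess' }, { '_csrf' => token }].map do |extra|
    APP.call(method: 'POST', session: session, params: { 'name' => 'x' }.merge(extra))[0]
  end
end
```

Only the POST that echoes the session's token back reaches the inner app; a cross-site page can make the browser send the session cookie but cannot read the token out of the rendered form.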