Created
May 12, 2020 04:35
-
-
Save searls/acf309263929ef93d4843a75c52e3a5f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
module StaticRails | |
class SetsCsrfToken | |
def call(req, res) | |
res.set_cookie("_csrf_token", | |
value: masked_authenticity_token(req.session), | |
path: "/", | |
expires: Time.now + 24 * 60 * 60) | |
end | |
private | |
def real_csrf_token(session) | |
ActionController::RequestForgeryProtection.instance_method(:real_csrf_token).bind(self).call(session) | |
end | |
def masked_authenticity_token(session, form_options: {}) | |
ActionController::RequestForgeryProtection.instance_method(:masked_authenticity_token).bind(self).call(session, form_options) | |
end | |
def xor_byte_strings(s1, s2) | |
ActionController::RequestForgeryProtection.instance_method(:xor_byte_strings).bind(self).call(s1, s2) | |
end | |
def per_form_csrf_tokens | |
false | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment