Module: Cuba::CSRF
- Defined in:
- lib/cuba/csrf.rb
Instance Method Summary collapse
- #csrf_form_tag ⇒ Object (also: #csrf_tag)
- #csrf_meta_tag ⇒ Object
- #csrf_safe? ⇒ Boolean
- #csrf_token ⇒ Object
Instance Method Details
#csrf_form_tag ⇒ Object Also known as: csrf_tag
15 16 17 |
# File 'lib/cuba/csrf.rb', line 15 def csrf_form_tag %Q(<input type="hidden" name="csrf_token" value="#{csrf_token}">) end |
#csrf_meta_tag ⇒ Object
20 21 22 |
# File 'lib/cuba/csrf.rb', line 20 def %Q(<meta name="csrf_token" content="#{csrf_token}">) end |
#csrf_safe? ⇒ Boolean
5 6 7 8 9 |
# File 'lib/cuba/csrf.rb', line 5 def csrf_safe? req.get? || req.head? || req[:csrf_token] == csrf_token || env["HTTP_X_CSRF_TOKEN"] == csrf_token end |
#csrf_token ⇒ Object
11 12 13 |
# File 'lib/cuba/csrf.rb', line 11 def csrf_token session[:csrf_token] ||= SecureRandom.base64(32) end |