-
由 Matthew Caruana Galizia 提交于
CSRF verification for non-XHR GET requests (cross-origin `<script>` tags) didn't check this flag before logging failures. Setting `config.action_controller.log_warning_on_csrf_failure = false` now disables logging for these CSRF failures as well. Closes #25086. Signed-off-by: NJeremy Daer <jeremydaer@gmail.com>
683b9627