ActionController::Base.request_forgery_protection_token should actually be the...

ActionController::Base.request_forgery_protection_token should actually be the name of the token and not true.

ActionController::Base.request_forgery_protection_token should actually be the...
ActionController::Base.request_forgery_protection_token should actually be the name of the token and not true.
8b4dca10 · Carl Lerche · 58796dcf · 8b4dca10
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

actionpack/lib/action_controller/metal/request_forgery_protection.rb ...lib/action_controller/metal/request_forgery_protection.rb +1 -1

未找到文件。
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -12,7 +12,7 @@ module RequestForgeryProtection
    included do
      # Sets the token parameter name for RequestForgery. Calling +protect_from_forgery+
      # sets it to <tt>:authenticity_token</tt> by default.
-      config.request_forgery_protection_token ||= true
+      config.request_forgery_protection_token ||= :authenticity_token

      # Controls whether request forgergy protection is turned on or not. Turned off by default only in test mode.
      config.allow_forgery_protection ||= true