mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Merge pull request #18147 from andreynering/guides-line-breaks-fix
Do not use line breaks on notes [ci skip]
This commit is contained in:
commit
8259d79560
2 changed files with 3 additions and 12 deletions
|
@ -1382,16 +1382,12 @@ WHERE people.name = 'John'
|
|||
LIMIT 1
|
||||
```
|
||||
|
||||
NOTE: Remember that, if `find_by` return more than one registry, it will take just the first
|
||||
and ignore the others. Note the `LIMIT 1` statement above.
|
||||
NOTE: Remember that, if `find_by` return more than one registry, it will take just the first and ignore the others. Note the `LIMIT 1` statement above.
|
||||
|
||||
Find or Build a New Object
|
||||
--------------------------
|
||||
|
||||
NOTE: Some dynamic finders were deprecated in Rails 4.0 and
|
||||
removed in Rails 4.1. The best practice is to use Active Record scopes
|
||||
instead. You can find the deprecation gem at
|
||||
https://github.com/rails/activerecord-deprecated_finders
|
||||
NOTE: Some dynamic finders were deprecated in Rails 4.0 and removed in Rails 4.1. The best practice is to use Active Record scopes instead. You can find the deprecation gem at https://github.com/rails/activerecord-deprecated_finders
|
||||
|
||||
It's common that you need to find a record or create it if it doesn't exist. You can do that with the `find_or_create_by` and `find_or_create_by!` methods.
|
||||
|
||||
|
|
|
@ -247,12 +247,7 @@ protect_from_forgery with: :exception
|
|||
|
||||
This will automatically include a security token in all forms and Ajax requests generated by Rails. If the security token doesn't match what was expected, an exception will be thrown.
|
||||
|
||||
NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for jQuery](https://github.com/rails/jquery-ujs),
|
||||
which adds a header called `X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token.
|
||||
Without this header, your non-GET requests won't be accepted by Rails. If you want to use another library
|
||||
to make Ajax calls, you will have to find how add the security token as a default header for Ajax calls in
|
||||
your library. To get the token have a look at the `<meta name='csrf-token' content='THE-TOKEN'>` tag printed
|
||||
by `<%= csrf_meta_tags %>` in your application view.
|
||||
NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for jQuery](https://github.com/rails/jquery-ujs), which adds a header called `X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token. Without this header, non-GET Ajax requests won't be accepted by Rails. When using another library to make Ajax calls, it is necessary to add the security token as a default header for Ajax calls in your library. To get the token, have a look at `<meta name='csrf-token' content='THE-TOKEN'>` tag printed by `<%= csrf_meta_tags %>` in your application view.
|
||||
|
||||
It is common to use persistent cookies to store user information, with `cookies.permanent` for example. In this case, the cookies will not be cleared and the out of the box CSRF protection will not be effective. If you are using a different cookie store than the session for this information, you must handle what to do with it yourself:
|
||||
|
||||
|
|
Loading…
Reference in a new issue