1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Merge pull request #18147 from andreynering/guides-line-breaks-fix

Do not use line breaks on notes [ci skip]
This commit is contained in:
Sean Griffin 2014-12-22 17:04:26 -07:00
commit 8259d79560
2 changed files with 3 additions and 12 deletions

View file

@ -1382,16 +1382,12 @@ WHERE people.name = 'John'
LIMIT 1
```
NOTE: Remember that, if `find_by` return more than one registry, it will take just the first
and ignore the others. Note the `LIMIT 1` statement above.
NOTE: Remember that, if `find_by` return more than one registry, it will take just the first and ignore the others. Note the `LIMIT 1` statement above.
Find or Build a New Object
--------------------------
NOTE: Some dynamic finders were deprecated in Rails 4.0 and
removed in Rails 4.1. The best practice is to use Active Record scopes
instead. You can find the deprecation gem at
https://github.com/rails/activerecord-deprecated_finders
NOTE: Some dynamic finders were deprecated in Rails 4.0 and removed in Rails 4.1. The best practice is to use Active Record scopes instead. You can find the deprecation gem at https://github.com/rails/activerecord-deprecated_finders
It's common that you need to find a record or create it if it doesn't exist. You can do that with the `find_or_create_by` and `find_or_create_by!` methods.

View file

@ -247,12 +247,7 @@ protect_from_forgery with: :exception
This will automatically include a security token in all forms and Ajax requests generated by Rails. If the security token doesn't match what was expected, an exception will be thrown.
NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for jQuery](https://github.com/rails/jquery-ujs),
which adds a header called `X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token.
Without this header, your non-GET requests won't be accepted by Rails. If you want to use another library
to make Ajax calls, you will have to find how add the security token as a default header for Ajax calls in
your library. To get the token have a look at the `<meta name='csrf-token' content='THE-TOKEN'>` tag printed
by `<%= csrf_meta_tags %>` in your application view.
NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for jQuery](https://github.com/rails/jquery-ujs), which adds a header called `X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token. Without this header, non-GET Ajax requests won't be accepted by Rails. When using another library to make Ajax calls, it is necessary to add the security token as a default header for Ajax calls in your library. To get the token, have a look at `<meta name='csrf-token' content='THE-TOKEN'>` tag printed by `<%= csrf_meta_tags %>` in your application view.
It is common to use persistent cookies to store user information, with `cookies.permanent` for example. In this case, the cookies will not be cleared and the out of the box CSRF protection will not be effective. If you are using a different cookie store than the session for this information, you must handle what to do with it yourself: