mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Update some jquery-ujs references to rails-ujs
[ci skip]
This commit is contained in:
parent
5e8dfcd12d
commit
9cc2f50f9c
3 changed files with 10 additions and 10 deletions
|
@ -550,8 +550,9 @@ url helper.
|
|||
<%= user_url(@user, host: 'example.com') %>
|
||||
```
|
||||
|
||||
NOTE: non-`GET` links require [jQuery UJS](https://github.com/rails/jquery-ujs)
|
||||
and won't work in mailer templates. They will result in normal `GET` requests.
|
||||
NOTE: non-`GET` links require [rails-ujs](https://github.com/rails/rails-ujs) or
|
||||
[jQuery UJS](https://github.com/rails/jquery-ujs), and won't work in mailer templates.
|
||||
They will result in normal `GET` requests.
|
||||
|
||||
### Adding images in Action Mailer Views
|
||||
|
||||
|
|
|
@ -257,13 +257,12 @@ protect_from_forgery with: :exception
|
|||
|
||||
This will automatically include a security token in all forms and Ajax requests generated by Rails. If the security token doesn't match what was expected, an exception will be thrown.
|
||||
|
||||
NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for
|
||||
jQuery](https://github.com/rails/jquery-ujs), which adds a header called
|
||||
`X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token.
|
||||
Without this header, non-GET Ajax requests won't be accepted by Rails. When using
|
||||
another library to make Ajax calls, it is necessary to add the security token as
|
||||
a default header for Ajax calls in your library. To get the token, have a look at
|
||||
`<meta name='csrf-token' content='THE-TOKEN'>` tag printed by
|
||||
NOTE: By default, Rails includes an [unobtrusive scripting adapter](https://github.com/rails/rails-ujs),
|
||||
which adds a header called `X-CSRF-Token` with the security token on every non-GET
|
||||
Ajax call. Without this header, non-GET Ajax requests won't be accepted by Rails.
|
||||
When using another library to make Ajax calls, it is necessary to add the security
|
||||
token as a default header for Ajax calls in your library. To get the token, have
|
||||
a look at `<meta name='csrf-token' content='THE-TOKEN'>` tag printed by
|
||||
`<%= csrf_meta_tags %>` in your application view.
|
||||
|
||||
It is common to use persistent cookies to store user information, with `cookies.permanent` for example. In this case, the cookies will not be cleared and the out of the box CSRF protection will not be effective. If you are using a different cookie store than the session for this information, you must handle what to do with it yourself:
|
||||
|
|
|
@ -149,7 +149,7 @@ Because of Unobtrusive JavaScript, the Rails "Ajax helpers" are actually in two
|
|||
parts: the JavaScript half and the Ruby half.
|
||||
|
||||
Unless you have disabled the Asset Pipeline,
|
||||
[rails.js](https://github.com/rails/jquery-ujs/blob/master/src/rails.js)
|
||||
[rails-ujs](https://github.com/rails/rails-ujs/blob/master/src/rails-ujs.coffee)
|
||||
provides the JavaScript half, and the regular Ruby view helpers add appropriate
|
||||
tags to your DOM.
|
||||
|
||||
|
|
Loading…
Reference in a new issue