kotovalexarian-likes-github
/
rails--rails
mirror of https://github.com/rails/rails.git
1
0
Fork 0
Code Releases Activity

docs, shorten CsrfHelper description and refer to security guide. [ci skip]

This commit is contained in:
Yves Senn 2014-03-08 15:46:43 +01:00
parent 2883cb9766
commit dc8bfc8ab6
1 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
guides/source/action_view_overview.md
View File

@ -1591,16 +1591,11 @@ Returns meta tags "csrf-param" and "csrf-token" with the name of the cross-site
request forgery protection parameter and token, respectively.
```html
<%= csrf_meta_tags %>
<%= csrf_meta_tags %>
```
These are used to generate the dynamic forms that implement non-remote links
with `:method`.
Note that regular forms generate hidden fields, and that Ajax calls are
whitelisted, so they do not use these tags.
More details can be found in the [Rails Security Guide](security.html).
NOTE: Regular forms generate hidden fields so they do not use these tags. More
details can be found in the [Rails Security Guide](security.html#cross-site-request-forgery-csrf).
Localized Views
---------------