mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
docs, shorten CsrfHelper description and refer to security guide. [ci skip]
This commit is contained in:
parent
2883cb9766
commit
dc8bfc8ab6
1 changed files with 3 additions and 8 deletions
|
@ -1591,16 +1591,11 @@ Returns meta tags "csrf-param" and "csrf-token" with the name of the cross-site
|
||||||
request forgery protection parameter and token, respectively.
|
request forgery protection parameter and token, respectively.
|
||||||
|
|
||||||
```html
|
```html
|
||||||
<%= csrf_meta_tags %>
|
<%= csrf_meta_tags %>
|
||||||
```
|
```
|
||||||
|
|
||||||
These are used to generate the dynamic forms that implement non-remote links
|
NOTE: Regular forms generate hidden fields so they do not use these tags. More
|
||||||
with `:method`.
|
details can be found in the [Rails Security Guide](security.html#cross-site-request-forgery-csrf).
|
||||||
|
|
||||||
Note that regular forms generate hidden fields, and that Ajax calls are
|
|
||||||
whitelisted, so they do not use these tags.
|
|
||||||
|
|
||||||
More details can be found in the [Rails Security Guide](security.html).
|
|
||||||
|
|
||||||
Localized Views
|
Localized Views
|
||||||
---------------
|
---------------
|
||||||
|
|
Loading…
Reference in a new issue