kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/railties/lib
History
Jean Boussier 4e3504fc5b Stop failing GSRF token generation when session is disabled 
In theory this should have warned early that the CSRF check
will fail, which would have been less puzzling for the developer.

However there are several cases where we render forms but the session
is inacessible. That's the case of turbo (https://github.com/hotwired/turbo-rails/issues/243)
as well as some others.

So unless we figure a proper way to detect these cases, we're better
to not cause this error.

Writing to a disabled session directly will still raise, this
only silence it for the specific case of CSRF.
2021-10-11 14:08:48 +02:00
..
minitest
rails Stop failing GSRF token generation when session is disabled 2021-10-11 14:08:48 +02:00
rails.rb