kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/actionpack/lib/action_controller
History
eileencodes 3979403781 Change the protect_from_forgery prepend default to false 
Per this comment
https://github.com/rails/rails/pull/18334#issuecomment-69234050 we want
`protect_from_forgery` to default to `prepend: false`.

`protect_from_forgery` will now be insterted into the callback chain at the
point it is called in your application. This is useful for cases where you
want to `protect_from_forgery` after you perform required authentication
callbacks or other callbacks that are required to run after forgery protection.

If you want `protect_from_forgery` callbacks to always run first, regardless of
position they are called in your application, then you can add `prepend: true`
to your `protect_from_forgery` call.

Example:

```ruby
protect_from_forgery prepend: true
```
2015-12-07 10:38:26 -05:00
..
caching
metal Change the protect_from_forgery prepend default to false 2015-12-07 10:38:26 -05:00
railties
api.rb remove RackDelegation module 2015-08-26 11:53:15 -07:00
base.rb eagerly allocate the renderer object 2015-09-14 15:29:19 -07:00
caching.rb remove RackDelegation module 2015-08-26 11:53:15 -07:00
form_builder.rb remove extra = in form builder example [ci skip] 2015-04-15 23:06:01 +09:00
log_subscriber.rb Freeze string literals when not mutated. 2015-07-19 17:45:10 -05:00
metal.rb Delete needless require 'active_support/deprecation' 2015-10-20 20:02:59 +09:00
railtie.rb
renderer.rb allocate request objects with the env hash, set routes on the request 2015-09-15 07:38:39 -07:00
template_assertions.rb Remove assigns and assert_template. 2015-05-30 14:13:57 +08:00
test_case.rb Merge branch 'master' of github.com:rails/docrails 2015-10-31 17:01:41 +00:00