mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
a58db74c4f
The `#csrf_meta_tags` and `#token_tag` Action View helper methods are expecting the class in which are included to explicitly define the method `#protect_against_forgery?` or else they will fail with `NoMethodError`. This is a problem if you want to use Action View outside of Rails applications. For example, in #34788 I used the `#button_to` helper inside of the error pages templates that have a custom `ActionView::Base` subclass, which did not defined `#protect_against_forgery?` and trying to call the button failed. I had to dig inside of Action View to find-out what's was going on. I think we should either set a default method implementation in the helpers or check for the method definition, but don't explicitly require the presence of `#protect_against_forgery?` in every `ActionViews::Base` subclass as the errors are hard to figure out. |
||
|---|---|---|
| .. | ||
| actionpack | ||
| activerecord | ||
| fixtures | ||
| lib/controller | ||
| template | ||
| ujs | ||
| abstract_unit.rb | ||
| active_record_unit.rb | ||