1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/railties/lib
Jean Boussier 4e3504fc5b Stop failing GSRF token generation when session is disabled
In theory this should have warned early that the CSRF check
will fail, which would have been less puzzling for the developer.

However there are several cases where we render forms but the session
is inacessible. That's the case of turbo (https://github.com/hotwired/turbo-rails/issues/243)
as well as some others.

So unless we figure a proper way to detect these cases, we're better
to not cause this error.

Writing to a disabled session directly will still raise, this
only silence it for the specific case of CSRF.
2021-10-11 14:08:48 +02:00
..
minitest Fix backtraces for generated plugin tests 2020-10-07 15:40:56 -05:00
rails Stop failing GSRF token generation when session is disabled 2021-10-11 14:08:48 +02:00
rails.rb Add benchmark method that can be called from anywhere 2020-12-04 15:52:10 +03:00