kotovalexarian-likes-github
/
sinatra
mirror of https://github.com/sinatra/sinatra
1
0
Fork 0
Code Releases Activity

Block invalid requests instead of raising error

This commit is contained in:
Jordan Owens 2022-02-02 15:44:35 -05:00
parent b2c628b05f
commit 6a6c5f5507
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rack-protection/lib/rack/protection/authenticity_token.rb
View File

@ -112,6 +112,8 @@ module Rack
valid_token?(env, env['HTTP_X_CSRF_TOKEN']) ||
valid_token?(env, Request.new(env).params[options[:authenticity_param]]) ||
( options[:allow_if] && options[:allow_if].call(env) )
rescue
false
end
def mask_authenticity_token(session, path: nil, method: :post)