Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- def form_authenticity_token
- @form_authenticity_token ||= if !session.respond_to?(:session_id)
- raise InvalidAuthenticityToken, "Request Forgery Protection requires a valid session. Use #allow_forgery_protection to disable it, or use a valid session."
- elsif request_forgery_protection_options[:secret]
- authenticity_token_from_session_id
- elsif session.respond_to?(:dbman) && session.dbman.respond_to?(:generate_digest)
- authenticity_token_from_cookie_session
- else
- raise InvalidAuthenticityToken, "No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store)."
- end
- end
Add Comment
Please, Sign In to add comment