开发者

Rails 3 Authenticity Token

开发者 https://www.devze.com 2023-01-03 18:49 出处:网络
Does anyone know how the authent开发者_如何学JAVAicity token is managed in Ruby on Rails 3? With all the unobtrusive Javascript Ruby on Rails 3 articles showing how the HTML5 data attributes are used

Does anyone know how the authent开发者_如何学JAVAicity token is managed in Ruby on Rails 3? With all the unobtrusive Javascript Ruby on Rails 3 articles showing how the HTML5 data attributes are used I don't see the authenticity token anywhere.


You need to put this in the head section of your layout file(s):

<%= csrf_meta_tag %>

—which outputs:

<meta name="csrf-token" content="<%= form_authenticity_token %>" />
<meta name="csrf-param" content="authenticity_token" />


If you have been using

token_tag

to add validation to custom forms without the form helper, you must now use:

token_tag form_authenticity_token


config/initializers/secret_token.rb

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号