Add explicit statement that verify_authenticity_token can be turned off for actions.
This commit is contained in:
parent
6aa408e11c
commit
167964149e
@ -53,9 +53,13 @@ module ClassMethods
|
||||
# class FooController < ApplicationController
|
||||
# protect_from_forgery :except => :index
|
||||
#
|
||||
# # you can disable csrf protection on controller-by-controller basis:
|
||||
# skip_before_filter :verify_authenticity_token
|
||||
# end
|
||||
# You can disable csrf protection on controller-by-controller basis:
|
||||
#
|
||||
# skip_before_filter :verify_authenticity_token
|
||||
#
|
||||
# It can also be disabled for specific controller actions:
|
||||
#
|
||||
# skip_before_filter :verify_authenticity_token, :except => [:create]
|
||||
#
|
||||
# Valid Options:
|
||||
#
|
||||
|
Loading…
Reference in New Issue
Block a user