Project

General

Profile

Actions
Copy link

Patch #36317

closed

Set default protect from forgery true

Added by Takashi Kato over 1 year ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Marius BALTEANU
Category:
Rails support
Target version:
5.0.0
Start date:
Due date:
% Done:

0%

Estimated time:

Description

In Rails 5.2 and later, the default is to raise an exception for invalid CSRF tokens, and there is a configuration for that.

https://github.com/rails/rails/blob/6-1-stable/railties/lib/rails/application/configuration.rb#L123

In Rails 7 and later, the current implementation causes a Deprecation Warning.

Files

0001-set-default_protect_from_forgery-true.patch (2.07 KB) 0001-set-default_protect_from_forgery-true.patch Takashi Kato, 2021-12-14 23:42

Related issues

Related to Redmine - Feature #36320: Migrate to Rails 7New

Actions
Related to Redmine - Defect #37030: Requests fail with "Can't verify CSRF token authenticity" in mail handlerClosedMarius BALTEANU

Actions
Related to Redmine - Defect #37562: POST Requests to repository WS fail with "Can't verify CSRF token authenticity"ClosedGo MAEDA

Actions
Actions
Copy link
 #1

Updated by Go MAEDA over 1 year ago

  • Target version set to Candidate for next major release
Actions
Copy link
 #2

Updated by Go MAEDA over 1 year ago

Actions
Copy link
 #3

Updated by Marius BALTEANU over 1 year ago

  • Assignee set to Marius BALTEANU
Actions
Copy link
 #4

Updated by Marius BALTEANU over 1 year ago

  • Status changed from New to Closed
  • Target version changed from Candidate for next major release to 5.0.0

Patch committed, thanks!

Actions
Copy link
 #5

Updated by Go MAEDA about 1 year ago

  • Related to Defect #37030: Requests fail with "Can't verify CSRF token authenticity" in mail handler added
Actions
Copy link
 #6

Updated by Go MAEDA 10 months ago

  • Related to Defect #37562: POST Requests to repository WS fail with "Can't verify CSRF token authenticity" added
Actions
Copy link

Also available in: Atom PDF