Project

General

Profile

Actions
Copy link

Patch #36317

closed

Set default protect from forgery true

Added by Takashi Kato over 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Marius BĂLTEANU
Category:
Rails support
Target version:
5.0.0
Start date:
Due date:
% Done:

0%

Estimated time:

Description

In Rails 5.2 and later, the default is to raise an exception for invalid CSRF tokens, and there is a configuration for that.

https://github.com/rails/rails/blob/6-1-stable/railties/lib/rails/application/configuration.rb#L123

In Rails 7 and later, the current implementation causes a Deprecation Warning.

Files

0001-set-default_protect_from_forgery-true.patch (2.07 KB) 0001-set-default_protect_from_forgery-true.patch Takashi Kato, 2021-12-14 23:42

Related issues

Related to Redmine - Feature #36320: Migrate to Rails 7.1ReopenedMarius BĂLTEANU

Actions
Related to Redmine - Defect #37030: Requests fail with "Can't verify CSRF token authenticity" in mail handlerClosedMarius BĂLTEANU

Actions
Related to Redmine - Defect #37562: POST Requests to repository WS fail with "Can't verify CSRF token authenticity"ClosedGo MAEDA

Actions
Actions
Copy link

Also available in: Atom PDF