annotate config/initializers/request_forgery_protection.rb @ 160:4e4195e60c2b

Add check at user level as well
author nanaya <me@nanaya.pro>
date Fri, 03 Aug 2018 01:45:16 +0900
parents 257910c60eb3
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
72
257910c60eb3 Rails 5 \o/
nanaya <me@myconan.net>
parents:
diff changeset
1 # Be sure to restart your server when you modify this file.
257910c60eb3 Rails 5 \o/
nanaya <me@myconan.net>
parents:
diff changeset
2
257910c60eb3 Rails 5 \o/
nanaya <me@myconan.net>
parents:
diff changeset
3 # Enable origin-checking CSRF mitigation.
257910c60eb3 Rails 5 \o/
nanaya <me@myconan.net>
parents:
diff changeset
4 Rails.application.config.action_controller.forgery_protection_origin_check = true