Methods
Class Public methods
new(cookie = :csrf_token) Link
Instance Public methods
fetch(request) Link
# File actionpack/lib/action_controller/metal/request_forgery_protection.rb, line 336 def fetch(request) contents = request.cookie_jar.encrypted[@cookie_name] return nil if contents.nil? value = JSON.parse(contents) return nil unless value.dig("session_id", "public_id") == request.session.id_was&.public_id value["token"] rescue JSON::ParserError nil end
reset(request) Link
store(request, csrf_token) Link
# File actionpack/lib/action_controller/metal/request_forgery_protection.rb, line 348 def store(request, csrf_token) request.cookie_jar.encrypted.permanent[@cookie_name] = { value: { token: csrf_token, session_id: request.session.id, }.to_json, httponly: true, same_site: :lax, } end