class Quilt::HeaderCsrfStrategy
Constants
- HEADER
- HEADER_VALUE
Public Class Methods
new(controller)
click to toggle source
# File lib/quilt_rails/header_csrf_strategy.rb, line 8 def initialize(controller) @controller = controller end
Public Instance Methods
handle_unverified_request()
click to toggle source
# File lib/quilt_rails/header_csrf_strategy.rb, line 12 def handle_unverified_request raise NoSameSiteHeaderError unless same_site? end
Private Instance Methods
fallback_handler()
click to toggle source
# File lib/quilt_rails/header_csrf_strategy.rb, line 22 def fallback_handler ActionController::RequestForgeryProtection::ProtectionMethods::Exception.new(@controller) end
same_site?()
click to toggle source
# File lib/quilt_rails/header_csrf_strategy.rb, line 18 def same_site? @controller.request.headers[HEADER] == HEADER_VALUE end