The actual before_action that is used to verify the CSRF token. Don’t override this directly. Provide your own forgery protection strategy instead. If you override, you’ll disable same-origin `<script>` verification.
# File actionpack/lib/action_controller/metal/request_forgery_protection.rb, line 192 def verify_authenticity_token mark_for_same_origin_verification! if !verified_request? logger.warn "Can't verify CSRF token authenticity" if logger handle_unverified_request end end