method
verified_request?
rails latest stable - Class:
ActionController::RequestForgeryProtection
verified_request?()private
Returns true or false if a request is verified. Checks:
-
Is it a GET or HEAD request? GETs should be safe and idempotent
-
Does the form_authenticity_token match the given token value from the params?
-
Does the X-CSRF-Token header match the form_authenticity_token?
- commit_csrf_token
- reset_csrf_token
- new
-
any_authenticity_token_valid? - compare_with_global_token
- compare_with_real_token
- csrf_token_hmac
- decode_csrf_token
- encode_csrf_token
- form_authenticity_param
- form_authenticity_token
- generate_csrf_token
- global_csrf_token
- handle_unverified_request
- mark_for_same_origin_verification!
- marked_for_same_origin_verification?
- mask_token
- masked_authenticity_token
- non_xhr_javascript_response?
- normalize_action_path
- per_form_csrf_token
- protect_against_forgery?
- real_csrf_token
- request_authenticity_tokens
- unmask_token
- unverified_request_warning_message
- valid_authenticity_token?
- valid_per_form_csrf_token?
- valid_request_origin?
- verified_request?
- verify_authenticity_token
- verify_same_origin_request
- xor_byte_strings