RSpec
Ruby on Rails
Ruby
method
valid_per_form_csrf_token?
v5.2.3 -
Show latest stable
-
0 notes -
Class: ActionController::RequestForgeryProtection
- 1.0.0
- 1.1.6
- 1.2.6
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.8
- 3.0.0
- 3.0.9
- 3.1.0
- 3.2.1
- 3.2.8
- 3.2.13
- 4.0.2
- 4.1.8
- 4.2.1
- 4.2.7
- 4.2.9
- 5.0.0.1 (0)
- 5.1.7 (0)
- 5.2.3 (0)
- 6.0.0 (0)
- 6.1.3.1 (0)
- 6.1.7.7 (0)
- 7.0.0 (0)
- 7.1.3.2 (0)
- What's this?
-
included
(<= v2.3.8)
-
new
(>= v7.1.3.2)
-
any_authenticity_token_valid?
-
authenticity_token_from_coo...
(<= v2.2.1)
-
authenticity_token_from_ses...
(<= v2.2.1)
-
commit_csrf_token
(>= v7.1.3.2)
-
compare_with_global_token
(>= v6.1.3.1)
-
compare_with_real_token
-
csrf_token_hmac
(>= v6.1.3.1)
-
decode_csrf_token
(>= v6.1.3.1)
-
encode_csrf_token
(>= v6.1.3.1)
-
form_authenticity_param
-
form_authenticity_token
-
generate_csrf_token
(>= v6.1.3.1)
-
global_csrf_token
(>= v6.1.3.1)
-
handle_unverified_request
-
marked_for_same_origin_veri...
-
mark_for_same_origin_verifi...
-
masked_authenticity_token
-
mask_token
(>= v6.1.3.1)
-
non_xhr_javascript_response?
-
normalize_action_path
-
per_form_csrf_token
-
protect_against_forgery?
-
protect_from_forgery
(<= v3.0.0)
-
real_csrf_token
-
request_authenticity_tokens
-
reset_csrf_token
(>= v7.1.3.2)
-
unmask_token
-
unverified_request_warning_...
(>= v7.0.0)
-
valid_authenticity_token?
-
valid_per_form_csrf_token?
-
valid_request_origin?
-
verifiable_request_format?
(<= v2.3.8)
-
verified_request?
-
verify_authenticity_token
-
verify_same_origin_request
-
xor_byte_strings
= private
= protected
valid_per_form_csrf_token?(token, session)
private
Hide source
# File actionpack/lib/action_controller/metal/request_forgery_protection.rb, line 376 def valid_per_form_csrf_token?(token, session) # :doc: if per_form_csrf_tokens correct_token = per_form_csrf_token( session, normalize_action_path(request.fullpath), request.request_method ) ActiveSupport::SecurityUtils.fixed_length_secure_compare(token, correct_token) else false end end
