method
verify_same_origin_request
v7.1.3.4 -
Show latest stable
- Class:
ActionController::RequestForgeryProtection
verify_same_origin_request()private
If verify_authenticity_token was run (indicating that we have forgery protection enabled for this request) then also verify that we aren’t serving an unauthorized cross-origin response.
- commit_csrf_token
- reset_csrf_token
- new
-
any_authenticity_token_valid? - compare_with_global_token
- compare_with_real_token
- csrf_token_hmac
- decode_csrf_token
- encode_csrf_token
- form_authenticity_param
- form_authenticity_token
- generate_csrf_token
- global_csrf_token
- handle_unverified_request
- mark_for_same_origin_verification!
- marked_for_same_origin_verification?
- mask_token
- masked_authenticity_token
- non_xhr_javascript_response?
- normalize_action_path
- per_form_csrf_token
- protect_against_forgery?
- real_csrf_token
- request_authenticity_tokens
- unmask_token
- unverified_request_warning_message
- valid_authenticity_token?
- valid_per_form_csrf_token?
- valid_request_origin?
- verified_request?
- verify_authenticity_token
- verify_same_origin_request
- xor_byte_strings