module RequestForgeryProtectionActions

common controller actions

Public Instance Methods

cross_origin_js() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 66
def cross_origin_js
  same_origin_js
end
form_for_remote() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 24
def form_for_remote
  render inline: "<%= form_for(:some_resource, :remote => true ) {} %>"
end
form_for_remote_with_external_token() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 36
def form_for_remote_with_external_token
  render inline: "<%= form_for(:some_resource, :remote => true, :authenticity_token => 'external_token') {} %>"
end
form_for_remote_with_token() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 28
def form_for_remote_with_token
  render inline: "<%= form_for(:some_resource, :remote => true, :authenticity_token => true ) {} %>"
end
form_for_with_token() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 32
def form_for_with_token
  render inline: "<%= form_for(:some_resource, :authenticity_token => true ) {} %>"
end
form_with_local_with_token() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 48
def form_with_local_with_token
  render inline: "<%= form_with(scope: :some_resource, local: true, authenticity_token: true) {} %>"
end
form_with_remote() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 40
def form_with_remote
  render inline: "<%= form_with(scope: :some_resource) {} %>"
end
form_with_remote_with_external_token() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 52
def form_with_remote_with_external_token
  render inline: "<%= form_with(scope: :some_resource, authenticity_token: 'external_token') {} %>"
end
form_with_remote_with_token() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 44
def form_with_remote_with_token
  render inline: "<%= form_with(scope: :some_resource, authenticity_token: true) {} %>"
end
index() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 8
def index
  render inline: "<%= form_tag('/') {} %>"
end
meta() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 20
def meta
  render inline: "<%= csrf_meta_tags %>"
end
negotiate_cross_origin() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 70
def negotiate_cross_origin
  negotiate_same_origin
end
negotiate_same_origin() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 60
def negotiate_same_origin
  respond_to do |format|
    format.js { same_origin_js }
  end
end
same_origin_js() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 56
def same_origin_js
  render js: "foo();"
end
show_button() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 12
def show_button
  render inline: "<%= button_to('New', '/') %>"
end
unsafe() click to toggle source
# File actionpack/test/controller/request_forgery_protection_test.rb, line 16
def unsafe
  render plain: "pwn"
end