Skip to content

Instantly share code, notes, and snippets.

@masterT

masterT/README.md

Created December 27, 2021 16:02
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save masterT/bc88a3b1d943ee313f885344e1988d5c to your computer and use it in GitHub Desktop.
Save masterT/bc88a3b1d943ee313f885344e1988d5c to your computer and use it in GitHub Desktop.
Download ZIP
RequestForgeryProtection for ActionController::API
Raw
README.md

Configure ActionController::RequestForgeryProtection for an ApplicationController that does not inherits from ActionController::Base (or any controller that does not include ActionController::RequestForgeryProtection).

This is required since the module is included after the application is loaded, so it does not get configured automatically by the configuration files config/environments/*.rb.

Raw
application_controller_request_forgery_protection_configuration.rb
# frozen_string_literal: true
ActiveSupport::Reloader.to_prepare do
# Configure `ActionController::RequestForgeryProtection` for `ApplicationController`.
# This is required since the module is included *after the application is loaded*, so it
# does not get configured automatically by the configuration files `config/environments/*.rb`.
Rails.application.config.action_controller.each do |key, value|
next unless ApplicationController.respond_to?("#{key}=")
ApplicationController.send("#{key}=", value)
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment