instance method `form_authenticity_token`

Ruby on Rails 2.3.18

Since v2.2.3

Available in: v2.2.3 v2.3.18 v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2

Compare with:

form_authenticity_token()

Sets the token value for the current session. Pass a :secret option in protect_from_forgery to add a custom salt to the hash.

Source

# File actionpack/lib/action_controller/request_forgery_protection.rb, line 108
      def form_authenticity_token
        session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32)
      end

Defined in actionpack/lib/action_controller/request_forgery_protection.rb line 108 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActionController::RequestForgeryProtection

Signature