API Guides

instance method handle_unverified_request

Ruby on Rails 4.1.16

Since v4.0.13

Available in: v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2 

handle_unverified_request()

This is the method that defines the application behavior when a request is found to be unverified.

Source 
# File actionpack/lib/action_controller/metal/request_forgery_protection.rb, line 120
        def handle_unverified_request
          request = @controller.request
          request.session = NullSessionHash.new(request.env)
          request.env['action_dispatch.request.flash_hash'] = nil
          request.env['rack.session.options'] = { skip: true }
          request.env['action_dispatch.cookies'] = NullCookieJar.build(request)
        end

Defined in actionpack/lib/action_controller/metal/request_forgery_protection.rb line 120 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActionController::RequestForgeryProtection::ProtectionMethods::NullSession

Type at least 2 characters to search.

↑↓ navigate · open · esc close