instance method `valid_per_form_csrf_token?`

Ruby on Rails 7.2.3

Since v5.2.8.1 Private

Available in: v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2

Compare with:

valid_per_form_csrf_token?(token, session = nil)

No documentation comment.

Parameters

token req
session opt = nil

Source

# File actionpack/lib/action_controller/metal/request_forgery_protection.rb, line 554
      def valid_per_form_csrf_token?(token, session = nil) # :doc:
        if per_form_csrf_tokens
          correct_token = per_form_csrf_token(
            session,
            request.path.chomp("/"),
            request.request_method
          )

          ActiveSupport::SecurityUtils.fixed_length_secure_compare(token, correct_token)
        else
          false
        end
      end

Defined in actionpack/lib/action_controller/metal/request_forgery_protection.rb line 554 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActionController::RequestForgeryProtection

Signature

Parameters