Skip to content

Instantly share code, notes, and snippets.

@huobazi

huobazi/angular_csrf.rb

Forked from nakhli/angular_csrf.rb
Last active August 29, 2015 14:10
Show Gist options
  • Save huobazi/b4d6cb358279c2b7bc80 to your computer and use it in GitHub Desktop.
Save huobazi/b4d6cb358279c2b7bc80 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
angular_csrf.rb
ActiveSupport.on_load(:action_controller) do
after_action :set_csrf_cookie_for_angular_js
define_method :set_csrf_cookie_for_angular_js do
cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
end
private :set_csrf_cookie_for_angular_js
define_method :verified_request_with_angular_header? do
verified_request_without_angular_header? || form_authenticity_token == request.headers['X-XSRF-Token']
end
alias_method_chain :verified_request?, :angular_header
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment