Skip to content

Instantly share code, notes, and snippets.

@bgarret
bgarret / application_controller.rb
Created February 21, 2012 08:31 — forked from jamesbebbington/application_controller.rb
Rack middleware and form tag patch to insert csrf tokens into cached pages
class ApplicationController < ActionController::Base
TOKEN_PLACEHOLDER = "__CROSS_SITE_REQUEST_FORGERY_PROTECTION_TOKEN__"
before_filter :form_authenticity_token
after_filter :inject_csrf_token
private
def inject_csrf_token
if protect_against_forgery? && token = session['_csrf_token']