module ActionView::Helpers::CsrfHelper

def csrf_meta_tags

"X-CSRF-Token" HTTP header. If you are using jQuery with jquery-rails this happens automatically.
For AJAX requests other than GETs, extract the "csrf-token" from the meta-tag and send as the

You don't need to use these tags for regular forms as they generate their own hidden fields.

:method.
These are used to generate the dynamic forms that implement non-remote links with

<%= csrf_meta_tags %>

request forgery protection parameter and token, respectively.
Returns meta tags "csrf-param" and "csrf-token" with the name of the cross-site

def csrf_meta_tags
  if protect_against_forgery?
    [
      tag('meta', :name => 'csrf-param', :content => request_forgery_protection_token),
      tag('meta', :name => 'csrf-token', :content => form_authenticity_token)
    ].join("\n").html_safe
  end
end

Instance Methods

# csrf_meta_tags

Defined in

lib/action_view/helpers/csrf_helper.rb

Modules

Classes

module ActionView::Helpers::CsrfHelper

def csrf_meta_tags

Instance Methods

Defined in