class Rack::Protection::AuthenticityToken

def accepts?(env)

def accepts?(env)
  return true if safe? env
  session = session env
  token   = session[:csrf] ||= session['_csrf_token'] || random_string
  env['HTTP_X_CSRF_TOKEN'] == token or
    Request.new(env).params['authenticity_token'] == token
end

Instance Methods

# accepts?