class Rack::Csrf

def call(env)

def call(env)
  unless env['rack.session']
    fail SessionUnavailable, 'Rack::Csrf depends on session middleware'
  end
  req = Rack::Request.new(env)
  let_it_pass = skip_checking(req) ||
    !@http_methods.include?(req.request_method) ||
    found_a_valid_token?(req)
  if let_it_pass
    @app.call(env)
  else
    fail InvalidCsrfToken if @raise_if_invalid
    [403, {CONTENT_TYPE => 'text/html', CONTENT_LENGTH => '0'}, []]
  end
end

Class Methods

:: field
:: header
:: key
:: metatag
:: rackified_header
:: tag
:: token

Instance Methods

# any?
# call
# found_a_valid_token?
# initialize
# skip_checking

Modules

Classes

class Rack::Csrf

def call(env)

Class Methods

Instance Methods