module Roda::RodaPlugins::RouteCsrf::InstanceMethods

def csrf_path(action)

paths, URLs, empty paths).
worry about the different types of form actions (relative paths, absolute
This makes it easier to generate request-specific tokens without having to
Given a form action, return the appropriate path to use for the CSRF token.

def csrf_path(action)
  case action
  when nil, '', /\A[#?]/
    # use current path
    request.path
  when /\A(?:https?:\/)?\//
    # Either full URI or absolute path, extract just the path
    URI.parse(action).path
  else
    # relative path, join to current path
    URI.join(request.url, action).path
  end
end

Instance Methods

# check_csrf!
# csrf_compare
# csrf_field
# csrf_formaction_tag
# csrf_header
# csrf_hmac
# csrf_invalid_message
# csrf_metatag
# csrf_options
# csrf_path
# csrf_secret
# csrf_tag
# csrf_token
# use_request_specific_csrf_tokens?
# valid_csrf?

Modules

Classes

module Roda::RodaPlugins::RouteCsrf::InstanceMethods

def csrf_path(action)

Instance Methods