method
valid_per_form_csrf_token?
v5.0.0.1 -
Show latest stable
- Class:
ActionController::RequestForgeryProtection
valid_per_form_csrf_token?(token, session)protected
No documentation available.
# File actionpack/lib/action_controller/metal/request_forgery_protection.rb, line 353
def valid_per_form_csrf_token?(token, session)
if per_form_csrf_tokens
correct_token = per_form_csrf_token(
session,
normalize_action_path(request.fullpath),
request.request_method
)
ActiveSupport::SecurityUtils.secure_compare(token, correct_token)
else
false
end
end-
any_authenticity_token_valid? - compare_with_real_token
- form_authenticity_param
- form_authenticity_token
- handle_unverified_request
- mark_for_same_origin_verification!
- marked_for_same_origin_verification?
- masked_authenticity_token
- non_xhr_javascript_response?
- normalize_action_path
- per_form_csrf_token
- protect_against_forgery?
- real_csrf_token
- request_authenticity_tokens
- unmask_token
- valid_authenticity_token?
- valid_per_form_csrf_token?
- valid_request_origin?
- verified_request?
- verify_authenticity_token
- verify_same_origin_request
- xor_byte_strings