Class: ActionController::RequestForgeryProtection::ProtectionMethods::NullSession

Inherits:
Object
  • Object
show all
Defined in:
actionpack/lib/action_controller/metal/request_forgery_protection.rb

Defined Under Namespace

Classes: NullCookieJar, NullSessionHash

Instance Method Summary collapse

Constructor Details

#initialize(controller) ⇒ NullSession

Returns a new instance of NullSession.



163
164
165
# File 'actionpack/lib/action_controller/metal/request_forgery_protection.rb', line 163

def initialize(controller)
  @controller = controller
end

Instance Method Details

#handle_unverified_requestObject

This is the method that defines the application behavior when a request is found to be unverified.



168
169
170
171
172
173
174
# File 'actionpack/lib/action_controller/metal/request_forgery_protection.rb', line 168

def handle_unverified_request
  request = @controller.request
  request.session = NullSessionHash.new(request)
  request.flash = nil
  request.session_options = { skip: true }
  request.cookie_jar = NullCookieJar.build(request, {})
end