Class: Security::CSRFTokenValidation

Inherits:

RuboCop::Cop::Base

• Object
• RuboCop::Cop::Base
• Security::CSRFTokenValidation

Defined in:

lib/simplycop/security/csrf_token_validation.rb

Constant Summary

MSG =

'Do not disable authenticity token validation'

Instance Method Summary

• #found_match(method) ⇒ Object
• #on_send(node) ⇒ Object

Instance Method Details

#found_match(method) ⇒ Object

# File 'lib/simplycop/security/csrf_token_validation.rb', line 14

def found_match(method)
  [:verify_authenticity_token, 'verify_authenticity_token'].include?(method)
end

#on_send(node) ⇒ Object

# File 'lib/simplycop/security/csrf_token_validation.rb', line 6

def on_send(node)
  return unless skip_before_action(node)

  _, _, parts = *node
  method = parts.node_parts
  add_offense(node.loc.selector) if found_match(method[0])
end