Project

General

Profile

Actions

Patch #36317

closed

Set default protect from forgery true

Added by Takashi Kato about 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Category:
Rails support
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:

Description

In Rails 5.2 and later, the default is to raise an exception for invalid CSRF tokens, and there is a configuration for that.

https://github.com/rails/rails/blob/6-1-stable/railties/lib/rails/application/configuration.rb#L123

In Rails 7 and later, the current implementation causes a Deprecation Warning.


Files


Related issues

Related to Redmine - Feature #36320: Migrate to Rails 7.1ReopenedMarius BĂLTEANU

Actions
Related to Redmine - Defect #37030: Requests fail with "Can't verify CSRF token authenticity" in mail handlerClosedMarius BĂLTEANU

Actions
Related to Redmine - Defect #37562: POST Requests to repository WS fail with "Can't verify CSRF token authenticity"ClosedGo MAEDA

Actions
Actions #1

Updated by Go MAEDA about 2 years ago

  • Target version set to Candidate for next major release
Actions #2

Updated by Go MAEDA about 2 years ago

Actions #3

Updated by Marius BĂLTEANU about 2 years ago

  • Assignee set to Marius BĂLTEANU
Actions #4

Updated by Marius BĂLTEANU about 2 years ago

  • Status changed from New to Closed
  • Target version changed from Candidate for next major release to 5.0.0

Patch committed, thanks!

Actions #5

Updated by Go MAEDA almost 2 years ago

  • Related to Defect #37030: Requests fail with "Can't verify CSRF token authenticity" in mail handler added
Actions #6

Updated by Go MAEDA over 1 year ago

  • Related to Defect #37562: POST Requests to repository WS fail with "Can't verify CSRF token authenticity" added
Actions

Also available in: Atom PDF