CSRF token in XHR requests

railsbump / app

Check which gems are compatible with which Rails version!

https://railsbump.org

MIT License

152 stars 20 forks source link

CSRF token in XHR requests #44

Open manuelmeurer opened 4 years ago

manuelmeurer commented 4 years ago

Currently skip_before_action :verify_authenticity_token is used in the compats controller to load the table of compats. The CSRF token should be sent along with the XHR request when requesting the table so that the auth token verification does not need to be skipped.

manuelmeurer commented 6 months ago

This should probably be done with https://github.com/rails/requestjs-rails