| Class | Rack::Protection::AuthenticityToken |
| In: |
lib/rack/protection/authenticity_token.rb
|
| Parent: | Base |
| Prevented attack: | CSRF |
| Supported browsers: | all |
| More infos: | en.wikipedia.org/wiki/Cross-site_request_forgery |
Only accepts unsafe HTTP requests if a given access token matches the token included in the session.
Compatible with Rails and rack-csrf.