| Class | Rack::Protection::RemoteToken |
| In: |
lib/rack/protection/remote_token.rb
|
| Parent: | AuthenticityToken |
| Prevented attack: | CSRF |
| Supported browsers: | all |
| More infos: | en.wikipedia.org/wiki/Cross-site_request_forgery |
Only accepts unsafe HTTP requests if a given access token matches the token included in the session or the request comes from the same origin.
Compatible with Rails and rack-csrf.