0.01
No commit activity in last 3 years
No release in over 3 years
A plugin for the Padrino web framework which adds CSRF protection
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

Runtime

 Project Readme

Similar functionallity added to Padrino. This gem will no longer be maintained.

Overview

Padrino CSRF is a plugin for the Padrino web framework which adds cross-site request forgery protection.

Setup & Installation

Include it in your project's Gemfile with Bundler:

gem 'padrino-csrf'

Modify your app/app.rb file to register the plugin:

class ExampleApplication < Padrino::Application
  register Padrino::CSRF
end

Configuration

prevent_request_forgery
When enabled, will automatically verify the CSRF authentication token on all post, put, and delete requests.

You can of course disable this on a request by request basis:

enable :prevent_request_forgery

post :register do
  # request is checked
end

post :register, protect: false do
  # request isn't checked
end

Or if you prefer, you can disable it by default, and enable it on a request by request basis:

disable :prevent_request_forgery

post :register do
  # request isn't checked
end

post :register, protect: true do
  # request is checked
end

Dependencies

TODO

  • Additional documentation
  • Tests

Copyright

Copyright � 2012 Benjamin Bloch (Cirex). See LICENSE for details.