angular_rails_csrf 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -7
- data/lib/angular_rails_csrf/concern.rb +5 -1
- data/lib/angular_rails_csrf/version.rb +1 -1
- data/test/dummy/log/test.log +44 -0
- metadata +48 -43
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
---
|
|
2
|
-
SHA1:
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
SHA512:
|
|
6
|
-
|
|
7
|
-
|
|
1
|
+
---
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 8a4290f37bdb3a1f0e3f6be6099cacad746f6a28
|
|
4
|
+
data.tar.gz: 96045d543d4af0986cd93a694fefe0ac53d7d4f9
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 45891740075e7ff2e5e3f2f54883e332091d06a37c88da6af1d6988a5a6fd3da19a566787a895fe985190f73f69721f13301ced50a5008f28da1f08ce4ee6066
|
|
7
|
+
data.tar.gz: d48b05aa92b23bdac818e8a8b743713f704fc5fdd6c5aa456279b0c576f2813217a83e6794cf9b38b0547f2233c61dc8becfebc102babea165f96cec7cd4205d
|
|
@@ -11,7 +11,11 @@ module AngularRailsCsrf
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
def verified_request?
|
|
14
|
-
|
|
14
|
+
if respond_to?(:valid_authenticity_token?, true)
|
|
15
|
+
super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
|
|
16
|
+
else
|
|
17
|
+
super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
|
|
18
|
+
end
|
|
15
19
|
end
|
|
16
20
|
end
|
|
17
21
|
end
|
data/test/dummy/log/test.log
CHANGED
|
@@ -174,3 +174,47 @@ AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_heade
|
|
|
174
174
|
Processing by ApplicationController#create as HTML
|
|
175
175
|
Can't verify CSRF token authenticity
|
|
176
176
|
Completed 422 Unprocessable Entity in 0ms
|
|
177
|
+
--------------------------------------------------------------------------------------------------------
|
|
178
|
+
AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
|
|
179
|
+
--------------------------------------------------------------------------------------------------------
|
|
180
|
+
Processing by ApplicationController#index as HTML
|
|
181
|
+
Completed 200 OK in 0ms
|
|
182
|
+
-----------------------------------------------------------------------------
|
|
183
|
+
AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
|
|
184
|
+
-----------------------------------------------------------------------------
|
|
185
|
+
Processing by ApplicationController#create as HTML
|
|
186
|
+
Completed 200 OK in 0ms
|
|
187
|
+
-----------------------------------------------------------------------------------------------------
|
|
188
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
|
|
189
|
+
-----------------------------------------------------------------------------------------------------
|
|
190
|
+
Processing by ApplicationController#create as HTML
|
|
191
|
+
Can't verify CSRF token authenticity
|
|
192
|
+
Completed 422 Unprocessable Entity in 0ms
|
|
193
|
+
-------------------------------------------------------------------------------------
|
|
194
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
|
|
195
|
+
-------------------------------------------------------------------------------------
|
|
196
|
+
Processing by ApplicationController#create as HTML
|
|
197
|
+
Can't verify CSRF token authenticity
|
|
198
|
+
Completed 422 Unprocessable Entity in 0ms
|
|
199
|
+
--------------------------------------------------------------------------------------------------------
|
|
200
|
+
AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
|
|
201
|
+
--------------------------------------------------------------------------------------------------------
|
|
202
|
+
Processing by ApplicationController#index as HTML
|
|
203
|
+
Completed 200 OK in 0ms
|
|
204
|
+
-----------------------------------------------------------------------------
|
|
205
|
+
AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
|
|
206
|
+
-----------------------------------------------------------------------------
|
|
207
|
+
Processing by ApplicationController#create as HTML
|
|
208
|
+
Completed 200 OK in 0ms
|
|
209
|
+
-----------------------------------------------------------------------------------------------------
|
|
210
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
|
|
211
|
+
-----------------------------------------------------------------------------------------------------
|
|
212
|
+
Processing by ApplicationController#create as HTML
|
|
213
|
+
Can't verify CSRF token authenticity
|
|
214
|
+
Completed 422 Unprocessable Entity in 0ms
|
|
215
|
+
-------------------------------------------------------------------------------------
|
|
216
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
|
|
217
|
+
-------------------------------------------------------------------------------------
|
|
218
|
+
Processing by ApplicationController#create as HTML
|
|
219
|
+
Can't verify CSRF token authenticity
|
|
220
|
+
Completed 422 Unprocessable Entity in 0ms
|
metadata
CHANGED
|
@@ -1,49 +1,56 @@
|
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: angular_rails_csrf
|
|
3
|
-
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 1.0.3
|
|
5
5
|
platform: ruby
|
|
6
|
-
authors:
|
|
6
|
+
authors:
|
|
7
7
|
- James Sanders
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
- !ruby/object:Gem::Dependency
|
|
11
|
+
date: 2014-11-06 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
15
14
|
name: rake
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
requirements:
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
19
17
|
- - ~>
|
|
20
|
-
- !ruby/object:Gem::Version
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
21
19
|
version: 10.1.0
|
|
22
20
|
type: :development
|
|
23
|
-
version_requirements: *id001
|
|
24
|
-
- !ruby/object:Gem::Dependency
|
|
25
|
-
name: rails
|
|
26
21
|
prerelease: false
|
|
27
|
-
|
|
28
|
-
requirements:
|
|
29
|
-
- -
|
|
30
|
-
- !ruby/object:Gem::Version
|
|
31
|
-
version:
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ~>
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: 10.1.0
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: rails
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - '>='
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: '3'
|
|
32
34
|
- - <
|
|
33
|
-
- !ruby/object:Gem::Version
|
|
34
|
-
version:
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: '5'
|
|
35
37
|
type: :runtime
|
|
36
|
-
|
|
38
|
+
prerelease: false
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - '>='
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: '3'
|
|
44
|
+
- - <
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: '5'
|
|
37
47
|
description: AngularJS style CSRF protection for Rails
|
|
38
|
-
email:
|
|
48
|
+
email:
|
|
39
49
|
- sanderjd@gmail.com
|
|
40
50
|
executables: []
|
|
41
|
-
|
|
42
51
|
extensions: []
|
|
43
|
-
|
|
44
52
|
extra_rdoc_files: []
|
|
45
|
-
|
|
46
|
-
files:
|
|
53
|
+
files:
|
|
47
54
|
- MIT-LICENSE
|
|
48
55
|
- README.md
|
|
49
56
|
- Rakefile
|
|
@@ -61,32 +68,30 @@ files:
|
|
|
61
68
|
- test/dummy/log/test.log
|
|
62
69
|
- test/test_helper.rb
|
|
63
70
|
homepage: https://github.com/jsanders/angular_rails_csrf
|
|
64
|
-
licenses:
|
|
71
|
+
licenses:
|
|
65
72
|
- MIT
|
|
66
73
|
metadata: {}
|
|
67
|
-
|
|
68
74
|
post_install_message:
|
|
69
75
|
rdoc_options: []
|
|
70
|
-
|
|
71
|
-
require_paths:
|
|
76
|
+
require_paths:
|
|
72
77
|
- lib
|
|
73
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
|
74
|
-
requirements:
|
|
75
|
-
-
|
|
76
|
-
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
78
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - '>='
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '0'
|
|
83
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
84
|
+
requirements:
|
|
85
|
+
- - '>='
|
|
86
|
+
- !ruby/object:Gem::Version
|
|
87
|
+
version: '0'
|
|
82
88
|
requirements: []
|
|
83
|
-
|
|
84
89
|
rubyforge_project:
|
|
85
90
|
rubygems_version: 2.2.1
|
|
86
91
|
signing_key:
|
|
87
92
|
specification_version: 4
|
|
88
93
|
summary: Support for AngularJS $http service style CSRF protection in Rails
|
|
89
|
-
test_files:
|
|
94
|
+
test_files:
|
|
90
95
|
- test/angular_rails_csrf_test.rb
|
|
91
96
|
- test/dummy/app/controllers/application_controller.rb
|
|
92
97
|
- test/dummy/config/application.rb
|