angular_rails_csrf 1.0.4 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 740300b724cfd8f8500d162de60d9612e63bd91a
4
- data.tar.gz: fb9b28c509ab59f4aba0f58b0e66a7f77e5e6ad8
3
+ metadata.gz: 4becb4082b16922fde4f2110f3beb5111726ab08
4
+ data.tar.gz: b106877de928863c4586b8f9038b9cf72847416f
5
5
  SHA512:
6
- metadata.gz: 0e75a70015061b20556083b86d38d8d88b7df068f756884b6257bed2b3b52d0b52e99d50ecc58b64205ca52a84807371db9234e0fbc7362c33bc0198a5a2dcfb
7
- data.tar.gz: deb899582b48662cc2eeceb1333d1b4c446b7e8285da102aefd26d4f8099a18371fee3a83d13dc05963f7eabf0cc30acc5f5898c32e50a01f46d8420f7fe64a4
6
+ metadata.gz: d364e35e39341cd2bfef8a4ad885ac7815d5bb3eab69728a9a7a3b8d9a755978a7401338a208a51bfbf418ff67265d0d78776ab0f0df9dc397490106ddd158ab
7
+ data.tar.gz: fdf99a8394b9e6a411eaaffd72c429e0380611da8387f3ec65cd240563f9f4fdfb7fc124da6f9650d17abde40d6b221b5f78c363404848baefaae9ad76094737
data/README.md CHANGED
@@ -1,21 +1,39 @@
1
- ## AngularJS-style CSRF Protection for Rails
2
-
3
- [![Build Status](https://travis-ci.org/jsanders/angular_rails_csrf.png)](https://travis-ci.org/jsanders/angular_rails_csrf)
4
-
5
- The AngularJS [ng.$http](http://docs.angularjs.org/api/ng.$http) service has built-in CSRF protection. By default, it looks for a cookie named `XSRF-TOKEN` and, if found, writes its value into an `X-XSRF-TOKEN` header, which the server compares with the CSRF token saved in the user's session.
6
-
7
- This project adds direct support for this scheme to your Rails application without requiring any changes to your AngularJS application. It also doesn't require the use of `csrf_meta_tags` to write a CSRF token into your page markup, so it works for pure JSON API applications.
8
-
9
- Note that there is nothing AngularJS specific here, and this will work with any other front-end that implements the same scheme.
10
-
11
- ### Installation
12
-
13
- Add this line to your application's Gemfile:
14
-
15
- gem 'angular_rails_csrf'
16
-
17
- And then execute:
18
-
19
- $ bundle
20
-
21
- That's it!
1
+ ## AngularJS-style CSRF Protection for Rails
2
+
3
+ [![Gem Version](https://badge.fury.io/rb/angular_rails_csrf.svg)](https://badge.fury.io/rb/angular_rails_csrf)
4
+ [![Build Status](https://travis-ci.org/jsanders/angular_rails_csrf.png)](https://travis-ci.org/jsanders/angular_rails_csrf)
5
+ [![Dependency Status](https://gemnasium.com/badges/github.com/jsanders/angular_rails_csrf.svg)](https://gemnasium.com/github.com/jsanders/angular_rails_csrf)
6
+
7
+ The AngularJS [ng.$http](http://docs.angularjs.org/api/ng.$http) service has built-in CSRF protection. By default, it looks for a cookie named `XSRF-TOKEN` and, if found, writes its value into an `X-XSRF-TOKEN` header, which the server compares with the CSRF token saved in the user's session.
8
+
9
+ This project adds direct support for this scheme to your Rails application without requiring any changes to your AngularJS application. It also doesn't require the use of `csrf_meta_tags` to write a CSRF token into your page markup, so it works for pure JSON API applications.
10
+
11
+ Note that there is nothing AngularJS specific here, and this will work with any other front-end that implements the same scheme.
12
+
13
+ ### Installation
14
+
15
+ Add this line to your application's *Gemfile*:
16
+
17
+ gem 'angular_rails_csrf'
18
+
19
+ And then execute:
20
+
21
+ $ bundle
22
+
23
+ That's it!
24
+
25
+ ### Exclusions
26
+
27
+ Sometimes you will want to skip setting the XSRF token for certain controllers (for example, when using SSE or ActionCable, as discussed [here](https://github.com/jsanders/angular_rails_csrf/issues/7)):
28
+
29
+ ```ruby
30
+ class ExclusionsController < ApplicationController
31
+ exclude_xsrf_token_cookie
32
+
33
+ # your actions here...
34
+ end
35
+ ```
36
+
37
+ ### License
38
+
39
+ Licensed under the [MIT License](https://github.com/jsanders/angular_rails_csrf/blob/master/LICENSE).
data/Rakefile CHANGED
@@ -1,32 +1,32 @@
1
- begin
2
- require 'bundler/setup'
3
- rescue LoadError
4
- puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
5
- end
6
-
7
- require 'rdoc/task'
8
-
9
- RDoc::Task.new(:rdoc) do |rdoc|
10
- rdoc.rdoc_dir = 'rdoc'
11
- rdoc.title = 'AngularRailsCsrf'
12
- rdoc.options << '--line-numbers'
13
- rdoc.rdoc_files.include('README.rdoc')
14
- rdoc.rdoc_files.include('lib/**/*.rb')
15
- end
16
-
17
-
18
-
19
-
20
- Bundler::GemHelper.install_tasks
21
-
22
- require 'rake/testtask'
23
-
24
- Rake::TestTask.new(:test) do |t|
25
- t.libs << 'lib'
26
- t.libs << 'test'
27
- t.pattern = 'test/**/*_test.rb'
28
- t.verbose = false
29
- end
30
-
31
-
32
- task default: :test
1
+ begin
2
+ require 'bundler/setup'
3
+ rescue LoadError
4
+ puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
5
+ end
6
+
7
+ require 'rdoc/task'
8
+
9
+ RDoc::Task.new(:rdoc) do |rdoc|
10
+ rdoc.rdoc_dir = 'rdoc'
11
+ rdoc.title = 'AngularRailsCsrf'
12
+ rdoc.options << '--line-numbers'
13
+ rdoc.rdoc_files.include('README.rdoc')
14
+ rdoc.rdoc_files.include('lib/**/*.rb')
15
+ end
16
+
17
+
18
+
19
+
20
+ Bundler::GemHelper.install_tasks
21
+
22
+ require 'rake/testtask'
23
+
24
+ Rake::TestTask.new(:test) do |t|
25
+ t.libs << 'lib'
26
+ t.libs << 'test'
27
+ t.pattern = 'test/**/*_test.rb'
28
+ t.verbose = false
29
+ end
30
+
31
+
32
+ task default: :test
@@ -1,21 +1,37 @@
1
- module AngularRailsCsrf
2
- module Concern
3
- extend ActiveSupport::Concern
4
-
5
- included do
6
- before_filter :set_xsrf_token_cookie
7
- end
8
-
9
- def set_xsrf_token_cookie
10
- cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
11
- end
12
-
13
- def verified_request?
14
- if respond_to?(:valid_authenticity_token?, true)
15
- super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
16
- else
17
- super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
18
- end
19
- end
20
- end
21
- end
1
+ module AngularRailsCsrf
2
+ module Concern
3
+ extend ActiveSupport::Concern
4
+
5
+ included do
6
+ if Rails::VERSION::MAJOR < 4
7
+ after_filter :set_xsrf_token_cookie
8
+ else
9
+ after_action :set_xsrf_token_cookie
10
+ end
11
+ end
12
+
13
+ def set_xsrf_token_cookie
14
+ if protect_against_forgery? && !respond_to?(:__exclude_xsrf_token_cookie?)
15
+ cookies['XSRF-TOKEN'] = form_authenticity_token
16
+ end
17
+ end
18
+
19
+ def verified_request?
20
+ if respond_to?(:valid_authenticity_token?, true)
21
+ super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
22
+ else
23
+ super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
24
+ end
25
+ end
26
+
27
+ module ClassMethods
28
+ def exclude_xsrf_token_cookie
29
+ self.class_eval do
30
+ def __exclude_xsrf_token_cookie?
31
+ true
32
+ end
33
+ end
34
+ end
35
+ end
36
+ end
37
+ end
@@ -1,11 +1,11 @@
1
- require 'angular_rails_csrf/concern'
2
-
3
- module AngularRailsCsrf
4
- class Railtie < ::Rails::Railtie
5
- initializer 'angular-rails-csrf' do |app|
6
- ActiveSupport.on_load(:action_controller) do
7
- include AngularRailsCsrf::Concern
8
- end
9
- end
10
- end
11
- end
1
+ require 'angular_rails_csrf/concern'
2
+
3
+ module AngularRailsCsrf
4
+ class Railtie < ::Rails::Railtie
5
+ initializer 'angular-rails-csrf' do |app|
6
+ ActiveSupport.on_load(:action_controller) do
7
+ include AngularRailsCsrf::Concern
8
+ end
9
+ end
10
+ end
11
+ end
@@ -1,3 +1,3 @@
1
- module AngularRailsCsrf
2
- VERSION = "1.0.4"
3
- end
1
+ module AngularRailsCsrf
2
+ VERSION = "2.0.0"
3
+ end
@@ -1 +1 @@
1
- require 'angular_rails_csrf/railtie'
1
+ require 'angular_rails_csrf/railtie'
@@ -0,0 +1,16 @@
1
+ require 'test_helper'
2
+
3
+ class AngularRailsCsrfExceptionTest < ActionController::TestCase
4
+ tests ExclusionsController
5
+
6
+ setup do
7
+ @controller.allow_forgery_protection = true
8
+ @correct_token = @controller.send(:form_authenticity_token)
9
+ end
10
+
11
+ test "a get does not set the XSRF-TOKEN cookie" do
12
+ get :index
13
+ assert_not_equal @correct_token, cookies['XSRF-TOKEN']
14
+ assert_response :success
15
+ end
16
+ end
@@ -1,35 +1,48 @@
1
- require 'test_helper'
2
-
3
- class AngularRailsCsrfTest < ActionController::TestCase
4
- tests ApplicationController
5
-
6
- setup do
7
- @controller.allow_forgery_protection = true
8
- @correct_token = @controller.send(:form_authenticity_token)
9
- end
10
-
11
- test "a get sets the XSRF-TOKEN cookie but does not require the X-XSRF-TOKEN header" do
12
- get :index
13
- assert_equal @correct_token, cookies['XSRF-TOKEN']
14
- assert_response :success
15
- end
16
-
17
- test "a post raises an error without the X-XSRF-TOKEN header set" do
18
- assert_raises ActionController::InvalidAuthenticityToken do
19
- post :create
20
- end
21
- end
22
-
23
- test "a post raises an error with the X-XSRF-TOKEN header set to the wrong value" do
24
- @request.headers['X-XSRF-TOKEN'] = 'garbage'
25
- assert_raises ActionController::InvalidAuthenticityToken do
26
- post :create
27
- end
28
- end
29
-
30
- test "a post is accepted if X-XSRF-TOKEN is set properly" do
31
- @request.headers['X-XSRF-TOKEN'] = @correct_token
32
- post :create
33
- assert_response :success
34
- end
35
- end
1
+ require 'test_helper'
2
+
3
+ class AngularRailsCsrfTest < ActionController::TestCase
4
+ tests ApplicationController
5
+
6
+ test "a get sets the XSRF-TOKEN cookie but does not require the X-XSRF-TOKEN header" do
7
+ get :index
8
+ assert_valid_cookie
9
+ assert_response :success
10
+ end
11
+
12
+ test "a post raises an error without the X-XSRF-TOKEN header set" do
13
+ assert_raises ActionController::InvalidAuthenticityToken do
14
+ post :create
15
+ end
16
+ end
17
+
18
+ test "a post raises an error with the X-XSRF-TOKEN header set to the wrong value" do
19
+ set_header_to 'garbage'
20
+ assert_raises ActionController::InvalidAuthenticityToken do
21
+ post :create
22
+ end
23
+ end
24
+
25
+ test "a post is accepted if X-XSRF-TOKEN is set properly" do
26
+ set_header_to @controller.send(:form_authenticity_token)
27
+ post :create
28
+ assert_valid_cookie
29
+ assert_response :success
30
+ end
31
+
32
+ private
33
+
34
+ # Helpers
35
+
36
+ def set_header_to(value)
37
+ # Rails 3 uses `env` and Rails 4 uses `headers`
38
+ @request.env['X-XSRF-TOKEN'] = @request.headers['X-XSRF-TOKEN'] = value
39
+ end
40
+
41
+ def assert_valid_cookie
42
+ if @controller.respond_to?(:valid_authenticity_token?, true)
43
+ assert @controller.send(:valid_authenticity_token?, session, cookies['XSRF-TOKEN'])
44
+ else
45
+ assert_equal @controller.send(:form_authenticity_token), cookies['XSRF-TOKEN']
46
+ end
47
+ end
48
+ end
@@ -1,6 +1,13 @@
1
- class ApplicationController < ActionController::Base
2
- protect_from_forgery with: :exception
3
-
4
- def index; head :ok; end
5
- def create; head :ok; end
6
- end
1
+ class ApplicationController < ActionController::Base
2
+ protect_from_forgery with: :exception
3
+
4
+ if Rails::VERSION::MAJOR < 4
5
+ # Mimic `protect_from_forgery with: :exception` for older Rails versions.
6
+ def handle_unverified_request
7
+ raise ActionController::InvalidAuthenticityToken
8
+ end
9
+ end
10
+
11
+ def index; head :ok; end
12
+ def create; head :ok; end
13
+ end
@@ -0,0 +1,5 @@
1
+ class ExclusionsController < ApplicationController
2
+ exclude_xsrf_token_cookie
3
+
4
+ def index; head :ok; end
5
+ end
@@ -1,14 +1,15 @@
1
- require File.expand_path('../boot', __FILE__)
2
-
3
- require "action_controller/railtie"
4
-
5
- Bundler.require(*Rails.groups)
6
- require "angular_rails_csrf"
7
-
8
- module Dummy
9
- class Application < Rails::Application
10
- config.secret_key_base = '5e6b6d2bd7bf26d02679ac958b520adf41b211eb0b8f33742abc5437711d0ad314baf13efc0d35d7568d2e469668a7021cf5e945c667bd16507777aedb770f83'
11
- config.eager_load = false # You get yelled at if you don't set this
12
- end
13
- end
14
-
1
+ require File.expand_path('../boot', __FILE__)
2
+
3
+ require "action_controller/railtie"
4
+
5
+ Bundler.require(:default, Rails.env)
6
+ require "angular_rails_csrf"
7
+
8
+ module Dummy
9
+ class Application < Rails::Application
10
+ config.secret_key_base = '5e6b6d2bd7bf26d02679ac958b520adf41b211eb0b8f33742abc5437711d0ad314baf13efc0d35d7568d2e469668a7021cf5e945c667bd16507777aedb770f83'
11
+ config.eager_load = false # You get yelled at if you don't set this
12
+ config.active_support.test_order = :random
13
+ end
14
+ end
15
+
@@ -1,5 +1,4 @@
1
- # Set up gems listed in the Gemfile.
2
- ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
3
-
4
- require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
5
- $LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)
1
+ # Set up gems listed in the Gemfile.
2
+ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
3
+
4
+ require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
@@ -1,5 +1,5 @@
1
- # Load the Rails application.
2
- require File.expand_path('../application', __FILE__)
3
-
4
- # Initialize the Rails application.
5
- Dummy::Application.initialize!
1
+ # Load the Rails application.
2
+ require File.expand_path('../application', __FILE__)
3
+
4
+ # Initialize the Rails application.
5
+ Dummy::Application.initialize!
@@ -1,4 +1,6 @@
1
- Dummy::Application.routes.draw do
2
- get 'test' => 'application#index'
3
- post 'test' => 'application#create'
4
- end
1
+ Dummy::Application.routes.draw do
2
+ get 'test' => 'application#index'
3
+ post 'test' => 'application#create'
4
+
5
+ get 'exclusions' => 'exclusions#index'
6
+ end
data/test/dummy/config.ru CHANGED
@@ -1,4 +1,4 @@
1
- # This file is used by Rack-based servers to start the application.
2
-
3
- require ::File.expand_path('../config/environment', __FILE__)
4
- run Rails.application
1
+ # This file is used by Rack-based servers to start the application.
2
+
3
+ require ::File.expand_path('../config/environment', __FILE__)
4
+ run Rails.application
@@ -12,436 +12,24 @@ Completed 200 OK in 1ms
12
12
  AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
13
13
  -----------------------------------------------------------------------------------------------------
14
14
  Processing by ApplicationController#create as HTML
15
- Can't verify CSRF token authenticity
16
- Completed 422 Unprocessable Entity in 0ms
17
- -------------------------------------------------------------------------------------
18
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
19
- -------------------------------------------------------------------------------------
20
- Processing by ApplicationController#create as HTML
21
- Can't verify CSRF token authenticity
22
- Completed 422 Unprocessable Entity in 0ms
23
- --------------------------------------------------------------------------------------------------------
24
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
25
- --------------------------------------------------------------------------------------------------------
26
- Processing by ApplicationController#index as HTML
27
- Completed 200 OK in 0ms
28
- -----------------------------------------------------------------------------
29
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
30
- -----------------------------------------------------------------------------
31
- Processing by ApplicationController#create as HTML
32
- Completed 200 OK in 0ms
33
- -----------------------------------------------------------------------------------------------------
34
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
35
- -----------------------------------------------------------------------------------------------------
36
- Processing by ApplicationController#create as HTML
37
- Can't verify CSRF token authenticity
38
- Completed 422 Unprocessable Entity in 0ms
39
- -------------------------------------------------------------------------------------
40
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
41
- -------------------------------------------------------------------------------------
42
- Processing by ApplicationController#create as HTML
43
- Can't verify CSRF token authenticity
44
- Completed 422 Unprocessable Entity in 0ms
45
- --------------------------------------------------------------------------------------------------------
46
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
47
- --------------------------------------------------------------------------------------------------------
48
- Processing by ApplicationController#index as HTML
49
- Completed 200 OK in 0ms
50
- -----------------------------------------------------------------------------
51
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
52
- -----------------------------------------------------------------------------
53
- Processing by ApplicationController#create as HTML
54
- Completed 200 OK in 0ms
55
- -----------------------------------------------------------------------------------------------------
56
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
57
- -----------------------------------------------------------------------------------------------------
58
- Processing by ApplicationController#create as HTML
59
- Can't verify CSRF token authenticity
60
- Completed 422 Unprocessable Entity in 0ms
61
- -------------------------------------------------------------------------------------
62
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
63
- -------------------------------------------------------------------------------------
64
- Processing by ApplicationController#create as HTML
65
- Can't verify CSRF token authenticity
66
- Completed 422 Unprocessable Entity in 0ms
67
- --------------------------------------------------------------------------------------------------------
68
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
69
- --------------------------------------------------------------------------------------------------------
70
- Processing by ApplicationController#index as HTML
71
- Completed 200 OK in 0ms
72
- -----------------------------------------------------------------------------
73
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
74
- -----------------------------------------------------------------------------
75
- Processing by ApplicationController#create as HTML
76
- Completed 200 OK in 0ms
77
- -----------------------------------------------------------------------------------------------------
78
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
79
- -----------------------------------------------------------------------------------------------------
80
- Processing by ApplicationController#create as HTML
81
- Can't verify CSRF token authenticity
82
- Completed 422 Unprocessable Entity in 0ms
83
- -------------------------------------------------------------------------------------
84
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
85
- -------------------------------------------------------------------------------------
86
- Processing by ApplicationController#create as HTML
87
- Can't verify CSRF token authenticity
88
- Completed 422 Unprocessable Entity in 0ms
89
- Processing by ApplicationController#index as HTML
90
- Completed 200 OK in 0.2ms
91
- Processing by ApplicationController#create as HTML
92
- WARNING: Can't verify CSRF token authenticity
93
- Completed 200 OK in 0.3ms
94
- Processing by ApplicationController#create as HTML
95
- WARNING: Can't verify CSRF token authenticity
96
- Completed 200 OK in 0.1ms
97
- Processing by ApplicationController#create as HTML
98
- WARNING: Can't verify CSRF token authenticity
99
- Completed 200 OK in 0.1ms
100
- Processing by ApplicationController#index as HTML
101
- Completed 200 OK in 0ms
102
- Processing by ApplicationController#create as HTML
103
- WARNING: Can't verify CSRF token authenticity
104
- Completed 200 OK in 0ms
105
- Processing by ApplicationController#create as HTML
106
- WARNING: Can't verify CSRF token authenticity
107
- Completed 200 OK in 0ms
108
- Processing by ApplicationController#create as HTML
109
- WARNING: Can't verify CSRF token authenticity
110
- Completed 200 OK in 0ms
111
- Processing by ApplicationController#index as HTML
112
- Completed 200 OK in 0ms
113
- Processing by ApplicationController#create as HTML
114
- WARNING: Can't verify CSRF token authenticity
115
- Completed 200 OK in 0ms
116
- Processing by ApplicationController#create as HTML
117
- WARNING: Can't verify CSRF token authenticity
118
- Completed 200 OK in 0ms
119
- Processing by ApplicationController#create as HTML
120
- WARNING: Can't verify CSRF token authenticity
121
- Completed 200 OK in 0ms
122
-
123
- ***** Debugger requested, but was not available (ensure ruby-debug is listed in Gemfile/installed as gem): Start server with --debugger to enable *****
124
- Processing by ApplicationController#index as HTML
125
- Completed 200 OK in 0ms
126
- Processing by ApplicationController#create as HTML
127
- WARNING: Can't verify CSRF token authenticity
128
- Completed 200 OK in 0ms
129
- Processing by ApplicationController#create as HTML
130
- WARNING: Can't verify CSRF token authenticity
131
- Completed 200 OK in 0ms
132
- Processing by ApplicationController#create as HTML
133
- WARNING: Can't verify CSRF token authenticity
134
- Completed 200 OK in 0ms
135
- Processing by ApplicationController#index as HTML
136
- Completed 200 OK in 0ms
137
- Processing by ApplicationController#create as HTML
138
- WARNING: Can't verify CSRF token authenticity
139
- Completed 200 OK in 0ms
140
- Processing by ApplicationController#create as HTML
141
- WARNING: Can't verify CSRF token authenticity
142
- Completed 200 OK in 0ms
143
- Processing by ApplicationController#create as HTML
144
- WARNING: Can't verify CSRF token authenticity
145
- Completed 200 OK in 0ms
146
- Processing by ApplicationController#index as HTML
147
- Completed 200 OK in 0ms
148
- Processing by ApplicationController#create as HTML
149
- WARNING: Can't verify CSRF token authenticity
150
- Completed 200 OK in 0ms
151
- Processing by ApplicationController#create as HTML
152
- WARNING: Can't verify CSRF token authenticity
153
- Completed 200 OK in 0ms
154
- Processing by ApplicationController#create as HTML
155
- WARNING: Can't verify CSRF token authenticity
156
- Completed 200 OK in 0ms
157
- Processing by ApplicationController#index as HTML
158
- Completed 200 OK in 0ms
159
- Processing by ApplicationController#create as HTML
160
- WARNING: Can't verify CSRF token authenticity
161
- Completed 200 OK in 0ms
162
- Processing by ApplicationController#create as HTML
163
- WARNING: Can't verify CSRF token authenticity
164
- Completed 200 OK in 0ms
165
- Processing by ApplicationController#index as HTML
166
- Completed 200 OK in 33857ms
167
- Processing by ApplicationController#index as HTML
168
- Processing by ApplicationController#index as HTML
169
- Completed 200 OK in 15337ms
170
- Processing by ApplicationController#create as HTML
171
- WARNING: Can't verify CSRF token authenticity
172
- Completed 200 OK in 94657ms
173
- Processing by ApplicationController#create as HTML
174
- WARNING: Can't verify CSRF token authenticity
175
- Processing by ApplicationController#index as HTML
176
- Processing by ApplicationController#index as HTML
177
- Completed 200 OK in 7498ms
178
- Processing by ApplicationController#create as HTML
179
- WARNING: Can't verify CSRF token authenticity
180
- Completed 200 OK in 1204ms
181
- Processing by ApplicationController#create as HTML
182
- WARNING: Can't verify CSRF token authenticity
183
- Completed 500 Internal Server Error in 49631ms
184
- Processing by ApplicationController#create as HTML
185
- WARNING: Can't verify CSRF token authenticity
186
- Completed 200 OK in 11900ms
187
- Processing by ApplicationController#index as HTML
188
- Completed 200 OK in 2198ms
189
- Processing by ApplicationController#create as HTML
190
- WARNING: Can't verify CSRF token authenticity
191
- Completed 200 OK in 1333ms
192
- Processing by ApplicationController#create as HTML
193
- WARNING: Can't verify CSRF token authenticity
194
- Completed 200 OK in 1428ms
195
- Processing by ApplicationController#create as HTML
196
- WARNING: Can't verify CSRF token authenticity
197
- Completed 200 OK in 1525ms
198
- Processing by ApplicationController#index as HTML
199
- Completed 200 OK in 876ms
200
- Processing by ApplicationController#create as HTML
201
- WARNING: Can't verify CSRF token authenticity
202
- Processing by ApplicationController#index as HTML
203
- Completed 200 OK in 2694ms
204
- Processing by ApplicationController#create as HTML
205
- WARNING: Can't verify CSRF token authenticity
206
- Completed 422 Unprocessable Entity in 429ms
207
- Processing by ApplicationController#create as HTML
208
- WARNING: Can't verify CSRF token authenticity
209
- Completed 422 Unprocessable Entity in 392ms
210
- Processing by ApplicationController#create as HTML
211
- WARNING: Can't verify CSRF token authenticity
212
- Completed 422 Unprocessable Entity in 473ms
213
- Processing by ApplicationController#index as HTML
214
- Completed 200 OK in 0ms
215
- Processing by ApplicationController#create as HTML
216
- WARNING: Can't verify CSRF token authenticity
217
- Completed 422 Unprocessable Entity in 0ms
218
- Processing by ApplicationController#create as HTML
219
- WARNING: Can't verify CSRF token authenticity
220
- Completed 422 Unprocessable Entity in 0ms
221
- Processing by ApplicationController#create as HTML
222
- WARNING: Can't verify CSRF token authenticity
223
- Completed 422 Unprocessable Entity in 0ms
224
- Processing by ApplicationController#index as HTML
225
- Completed 200 OK in 14358ms
226
- Processing by ApplicationController#create as HTML
227
- WARNING: Can't verify CSRF token authenticity
228
- Completed 422 Unprocessable Entity in 8244ms
229
- Processing by ApplicationController#create as HTML
230
- WARNING: Can't verify CSRF token authenticity
231
- Completed 422 Unprocessable Entity in 3772ms
232
- Processing by ApplicationController#create as HTML
233
- WARNING: Can't verify CSRF token authenticity
234
- Completed 422 Unprocessable Entity in 134031ms
235
- Processing by ApplicationController#index as HTML
236
- Completed 200 OK in 2903ms
237
- Processing by ApplicationController#index as HTML
238
- Completed 200 OK in 14568ms
239
- Processing by ApplicationController#create as HTML
240
- Completed 200 OK in 34950ms
241
- Processing by ApplicationController#create as HTML
242
- WARNING: Can't verify CSRF token authenticity
243
- Completed 422 Unprocessable Entity in 964ms
244
- Processing by ApplicationController#create as HTML
245
- WARNING: Can't verify CSRF token authenticity
246
- Completed 422 Unprocessable Entity in 461ms
247
- Processing by ApplicationController#index as HTML
248
- Completed 200 OK in 0ms
249
- Processing by ApplicationController#create as HTML
250
- Completed 200 OK in 0ms
251
- Processing by ApplicationController#create as HTML
252
- WARNING: Can't verify CSRF token authenticity
253
- Completed 422 Unprocessable Entity in 0ms
254
- Processing by ApplicationController#create as HTML
255
- WARNING: Can't verify CSRF token authenticity
256
- Completed 422 Unprocessable Entity in 0ms
257
- Processing by ApplicationController#index as HTML
258
- Completed 200 OK in 0ms
259
- Processing by ApplicationController#create as HTML
260
- Completed 200 OK in 0ms
261
- Processing by ApplicationController#create as HTML
262
- Completed 422 Unprocessable Entity in 0ms
263
- Processing by ApplicationController#create as HTML
264
- Completed 422 Unprocessable Entity in 0ms
265
- Processing by ApplicationController#index as HTML
266
- Completed 200 OK in 0.3ms
267
- Processing by ApplicationController#create as HTML
268
- Completed 200 OK in 0.3ms
269
- Processing by ApplicationController#create as HTML
270
- WARNING: Can't verify CSRF token authenticity
271
- Completed 422 Unprocessable Entity in 0.2ms
272
- Processing by ApplicationController#create as HTML
273
- WARNING: Can't verify CSRF token authenticity
274
- Completed 422 Unprocessable Entity in 0.1ms
275
- --------------------------------------------------------------------------------------------------------
276
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
277
- --------------------------------------------------------------------------------------------------------
278
- Processing by ApplicationController#index as HTML
279
- Completed 200 OK in 0ms
280
- -----------------------------------------------------------------------------
281
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
282
- -----------------------------------------------------------------------------
283
- Processing by ApplicationController#create as HTML
284
- Can't verify CSRF token authenticity
285
- Completed 422 Unprocessable Entity in 0ms
286
- -----------------------------------------------------------------------------------------------------
287
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
288
- -----------------------------------------------------------------------------------------------------
289
- Processing by ApplicationController#create as HTML
290
- Can't verify CSRF token authenticity
291
- Completed 422 Unprocessable Entity in 0ms
292
- -------------------------------------------------------------------------------------
293
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
294
- -------------------------------------------------------------------------------------
295
- Processing by ApplicationController#create as HTML
296
- Can't verify CSRF token authenticity
297
- Completed 422 Unprocessable Entity in 0ms
298
- --------------------------------------------------------------------------------------------------------
299
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
300
- --------------------------------------------------------------------------------------------------------
301
- Processing by ApplicationController#index as HTML
302
- Completed 200 OK in 0ms
303
- -----------------------------------------------------------------------------
304
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
305
- -----------------------------------------------------------------------------
306
- Processing by ApplicationController#create as HTML
307
- Can't verify CSRF token authenticity
308
- Completed 422 Unprocessable Entity in 0ms
309
- -----------------------------------------------------------------------------------------------------
310
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
311
- -----------------------------------------------------------------------------------------------------
312
- Processing by ApplicationController#create as HTML
313
- Can't verify CSRF token authenticity
314
- Completed 422 Unprocessable Entity in 0ms
315
- -------------------------------------------------------------------------------------
316
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
317
- -------------------------------------------------------------------------------------
318
- Processing by ApplicationController#create as HTML
319
- Can't verify CSRF token authenticity
320
- Completed 422 Unprocessable Entity in 0ms
321
- --------------------------------------------------------------------------------------------------------
322
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
323
- --------------------------------------------------------------------------------------------------------
324
- Processing by ApplicationController#index as HTML
325
- Completed 200 OK in 0ms
326
- -----------------------------------------------------------------------------
327
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
328
- -----------------------------------------------------------------------------
329
- Processing by ApplicationController#create as HTML
330
- Completed 200 OK in 0ms
331
- -----------------------------------------------------------------------------------------------------
332
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
333
- -----------------------------------------------------------------------------------------------------
334
- Processing by ApplicationController#create as HTML
335
- Can't verify CSRF token authenticity
336
- Completed 422 Unprocessable Entity in 0ms
337
- -------------------------------------------------------------------------------------
338
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
339
- -------------------------------------------------------------------------------------
340
- Processing by ApplicationController#create as HTML
341
- Can't verify CSRF token authenticity
342
- Completed 422 Unprocessable Entity in 0ms
343
- Processing by ApplicationController#index as HTML
344
- Completed 200 OK in 0ms
345
- Processing by ApplicationController#create as HTML
346
- Completed 200 OK in 0ms
347
- Processing by ApplicationController#create as HTML
348
- Completed 422 Unprocessable Entity in 0ms
349
- Processing by ApplicationController#create as HTML
350
- Completed 422 Unprocessable Entity in 0ms
351
- Processing by ApplicationController#index as HTML
352
- Completed 200 OK in 0ms
353
- Processing by ApplicationController#create as HTML
354
- Completed 200 OK in 0ms
355
- Processing by ApplicationController#create as HTML
356
- Completed 422 Unprocessable Entity in 0ms
357
- Processing by ApplicationController#create as HTML
358
- Completed 422 Unprocessable Entity in 0ms
359
- Processing by ApplicationController#index as HTML
360
- Completed 200 OK in 0ms
361
- Processing by ApplicationController#create as HTML
362
- Completed 200 OK in 0ms
363
- Processing by ApplicationController#create as HTML
364
- WARNING: Can't verify CSRF token authenticity
365
- Completed 422 Unprocessable Entity in 0ms
366
- Processing by ApplicationController#create as HTML
367
- WARNING: Can't verify CSRF token authenticity
368
- Completed 422 Unprocessable Entity in 0ms
369
- Processing by ApplicationController#index as HTML
370
- Completed 200 OK in 0.3ms
371
- Processing by ApplicationController#create as HTML
372
- Completed 200 OK in 0.3ms
373
- Processing by ApplicationController#create as HTML
374
- WARNING: Can't verify CSRF token authenticity
375
- Completed 422 Unprocessable Entity in 0.1ms
376
- Processing by ApplicationController#create as HTML
377
- WARNING: Can't verify CSRF token authenticity
378
- Completed 422 Unprocessable Entity in 0.1ms
379
- --------------------------------------------------------------------------------------------------------
380
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
381
- --------------------------------------------------------------------------------------------------------
382
- Processing by ApplicationController#index as HTML
383
- Completed 200 OK in 0ms
384
- -----------------------------------------------------------------------------
385
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
386
- -----------------------------------------------------------------------------
387
- Processing by ApplicationController#create as HTML
388
- Completed 200 OK in 0ms
389
- -----------------------------------------------------------------------------------------------------
390
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
391
- -----------------------------------------------------------------------------------------------------
392
- Processing by ApplicationController#create as HTML
393
- Can't verify CSRF token authenticity
394
- Completed 422 Unprocessable Entity in 0ms
395
- -------------------------------------------------------------------------------------
396
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
397
- -------------------------------------------------------------------------------------
398
- Processing by ApplicationController#create as HTML
399
- Can't verify CSRF token authenticity
400
- Completed 422 Unprocessable Entity in 0ms
401
- --------------------------------------------------------------------------------------------------------
402
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
403
- --------------------------------------------------------------------------------------------------------
404
- Processing by ApplicationController#index as HTML
405
- Completed 200 OK in 0ms
406
- -----------------------------------------------------------------------------
407
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
408
- -----------------------------------------------------------------------------
409
- Processing by ApplicationController#create as HTML
410
- Completed 200 OK in 0ms
411
- -----------------------------------------------------------------------------------------------------
412
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
413
- -----------------------------------------------------------------------------------------------------
414
- Processing by ApplicationController#create as HTML
415
- Can't verify CSRF token authenticity
416
- Completed 422 Unprocessable Entity in 0ms
417
- -------------------------------------------------------------------------------------
418
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
419
- -------------------------------------------------------------------------------------
420
- Processing by ApplicationController#create as HTML
421
- Can't verify CSRF token authenticity
422
- Completed 422 Unprocessable Entity in 0ms
423
- --------------------------------------------------------------------------------------------------------
424
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
425
- --------------------------------------------------------------------------------------------------------
426
- Processing by ApplicationController#index as HTML
427
- Completed 200 OK in 0ms
428
- -----------------------------------------------------------------------------
429
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
430
- -----------------------------------------------------------------------------
431
- Processing by ApplicationController#create as HTML
432
- Completed 200 OK in 0ms
433
- -----------------------------------------------------------------------------------------------------
434
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
435
- -----------------------------------------------------------------------------------------------------
436
- Processing by ApplicationController#create as HTML
437
- Can't verify CSRF token authenticity
15
+ Can't verify CSRF token authenticity.
438
16
  Completed 422 Unprocessable Entity in 1ms
439
17
  -------------------------------------------------------------------------------------
440
18
  AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
441
19
  -------------------------------------------------------------------------------------
442
20
  Processing by ApplicationController#create as HTML
443
- Can't verify CSRF token authenticity
21
+ Can't verify CSRF token authenticity.
444
22
  Completed 422 Unprocessable Entity in 0ms
23
+ Processing by ApplicationController#index as HTML
24
+ Completed 200 OK in 0ms
25
+ Processing by ApplicationController#create as HTML
26
+ Completed 200 OK in 0ms
27
+ Processing by ApplicationController#create as HTML
28
+ WARNING: Can't verify CSRF token authenticity
29
+ Completed 422 Unprocessable Entity in 0ms
30
+ Processing by ApplicationController#create as HTML
31
+ WARNING: Can't verify CSRF token authenticity
32
+ Completed 422 Unprocessable Entity in 0ms
445
33
  --------------------------------------------------------------------------------------------------------
446
34
  AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
447
35
  --------------------------------------------------------------------------------------------------------
@@ -451,120 +39,43 @@ Completed 200 OK in 0ms
451
39
  AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
452
40
  -----------------------------------------------------------------------------
453
41
  Processing by ApplicationController#create as HTML
454
- Completed 200 OK in 17ms
42
+ Completed 200 OK in 1ms
455
43
  -----------------------------------------------------------------------------------------------------
456
44
  AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
457
45
  -----------------------------------------------------------------------------------------------------
458
46
  Processing by ApplicationController#create as HTML
459
- Can't verify CSRF token authenticity
47
+ Can't verify CSRF token authenticity.
460
48
  Completed 422 Unprocessable Entity in 0ms
461
49
  -------------------------------------------------------------------------------------
462
50
  AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
463
51
  -------------------------------------------------------------------------------------
464
52
  Processing by ApplicationController#create as HTML
465
- Can't verify CSRF token authenticity
466
- Completed 422 Unprocessable Entity in 0ms
467
- --------------------------------------------------------------------------------------------------------
468
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
469
- --------------------------------------------------------------------------------------------------------
470
- Processing by ApplicationController#index as HTML
471
- Completed 200 OK in 0ms
472
- -----------------------------------------------------------------------------
473
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
474
- -----------------------------------------------------------------------------
475
- Processing by ApplicationController#create as HTML
476
- Completed 200 OK in 0ms
477
- -----------------------------------------------------------------------------------------------------
478
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
479
- -----------------------------------------------------------------------------------------------------
480
- Processing by ApplicationController#create as HTML
481
- Can't verify CSRF token authenticity
482
- Completed 422 Unprocessable Entity in 0ms
53
+ Can't verify CSRF token authenticity.
54
+ Completed 422 Unprocessable Entity in 1ms
483
55
  -------------------------------------------------------------------------------------
484
56
  AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
485
57
  -------------------------------------------------------------------------------------
486
58
  Processing by ApplicationController#create as HTML
487
- Can't verify CSRF token authenticity
488
- Completed 422 Unprocessable Entity in 0ms
489
- Processing by ApplicationController#index as HTML
490
- Completed 200 OK in 0ms
491
- Processing by ApplicationController#create as HTML
492
- Completed 200 OK in 0ms
493
- Processing by ApplicationController#create as HTML
494
- Completed 422 Unprocessable Entity in 0ms
495
- Processing by ApplicationController#create as HTML
496
- Completed 422 Unprocessable Entity in 0ms
497
- Processing by ApplicationController#index as HTML
498
- Completed 200 OK in 0ms
499
- Processing by ApplicationController#create as HTML
500
- Completed 200 OK in 0ms
501
- Processing by ApplicationController#create as HTML
502
- Completed 422 Unprocessable Entity in 0ms
503
- Processing by ApplicationController#create as HTML
504
- Completed 422 Unprocessable Entity in 0ms
505
- --------------------------------------------------------------------------------------------------------
506
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
507
- --------------------------------------------------------------------------------------------------------
508
- Processing by ApplicationController#index as HTML
509
- Completed 200 OK in 0ms
510
- -----------------------------------------------------------------------------
511
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
512
- -----------------------------------------------------------------------------
513
- Processing by ApplicationController#create as HTML
514
- Completed 200 OK in 0ms
59
+ Can't verify CSRF token authenticity.
60
+ Completed 422 Unprocessable Entity in 1ms
515
61
  -----------------------------------------------------------------------------------------------------
516
62
  AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
517
63
  -----------------------------------------------------------------------------------------------------
518
64
  Processing by ApplicationController#create as HTML
519
- Can't verify CSRF token authenticity
65
+ Can't verify CSRF token authenticity.
520
66
  Completed 422 Unprocessable Entity in 0ms
521
- -------------------------------------------------------------------------------------
522
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
523
- -------------------------------------------------------------------------------------
524
- Processing by ApplicationController#create as HTML
525
- Can't verify CSRF token authenticity
526
- Completed 422 Unprocessable Entity in 0ms
527
- --------------------------------------------------------------------------------------------------------
528
- AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
529
- --------------------------------------------------------------------------------------------------------
530
- Processing by ApplicationController#index as HTML
531
- Completed 200 OK in 0ms
532
67
  -----------------------------------------------------------------------------
533
68
  AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
534
69
  -----------------------------------------------------------------------------
535
70
  Processing by ApplicationController#create as HTML
536
- Completed 200 OK in 0ms
537
- -----------------------------------------------------------------------------------------------------
538
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
539
- -----------------------------------------------------------------------------------------------------
540
- Processing by ApplicationController#create as HTML
541
- Can't verify CSRF token authenticity
542
- Completed 422 Unprocessable Entity in 1ms
543
- -------------------------------------------------------------------------------------
544
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
545
- -------------------------------------------------------------------------------------
546
- Processing by ApplicationController#create as HTML
547
- Can't verify CSRF token authenticity
548
- Completed 422 Unprocessable Entity in 0ms
71
+ Completed 200 OK in 1ms
549
72
  --------------------------------------------------------------------------------------------------------
550
73
  AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
551
74
  --------------------------------------------------------------------------------------------------------
552
75
  Processing by ApplicationController#index as HTML
553
- Completed 200 OK in 0ms
554
- -----------------------------------------------------------------------------
555
- AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
556
- -----------------------------------------------------------------------------
557
- Processing by ApplicationController#create as HTML
558
- Completed 200 OK in 0ms
559
- -----------------------------------------------------------------------------------------------------
560
- AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
561
- -----------------------------------------------------------------------------------------------------
562
- Processing by ApplicationController#create as HTML
563
- Can't verify CSRF token authenticity
564
- Completed 422 Unprocessable Entity in 0ms
565
- -------------------------------------------------------------------------------------
566
- AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
567
- -------------------------------------------------------------------------------------
568
- Processing by ApplicationController#create as HTML
569
- Can't verify CSRF token authenticity
570
- Completed 422 Unprocessable Entity in 0ms
76
+ Completed 200 OK in 1ms
77
+ ----------------------------------------------------------------------------
78
+ AngularRailsCsrfExceptionTest: test_a_get_does_not_set_the_XSRF-TOKEN_cookie
79
+ ----------------------------------------------------------------------------
80
+ Processing by ExclusionsController#index as HTML
81
+ Completed 200 OK in 1ms
data/test/test_helper.rb CHANGED
@@ -1,5 +1,5 @@
1
- # Configure Rails Environment
2
- ENV["RAILS_ENV"] = "test"
3
-
4
- require File.expand_path("../dummy/config/environment.rb", __FILE__)
5
- require "rails/test_help"
1
+ # Configure Rails Environment
2
+ ENV["RAILS_ENV"] = "test"
3
+
4
+ require File.expand_path("../dummy/config/environment.rb", __FILE__)
5
+ require "rails/test_help"
metadata CHANGED
@@ -1,14 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: angular_rails_csrf
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.4
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - James Sanders
8
+ - Ilya Bodrov
8
9
  autorequire:
9
10
  bindir: bin
10
11
  cert_chain: []
11
- date: 2015-06-04 00:00:00.000000000 Z
12
+ date: 2016-10-04 00:00:00.000000000 Z
12
13
  dependencies:
13
14
  - !ruby/object:Gem::Dependency
14
15
  name: rake
@@ -16,16 +17,44 @@ dependencies:
16
17
  requirements:
17
18
  - - "~>"
18
19
  - !ruby/object:Gem::Version
19
- version: 10.1.0
20
+ version: '11.3'
20
21
  type: :development
21
22
  prerelease: false
22
23
  version_requirements: !ruby/object:Gem::Requirement
23
24
  requirements:
24
25
  - - "~>"
25
26
  - !ruby/object:Gem::Version
26
- version: 10.1.0
27
+ version: '11.3'
28
+ - !ruby/object:Gem::Dependency
29
+ name: test-unit
30
+ requirement: !ruby/object:Gem::Requirement
31
+ requirements:
32
+ - - "~>"
33
+ - !ruby/object:Gem::Version
34
+ version: '3.2'
35
+ type: :development
36
+ prerelease: false
37
+ version_requirements: !ruby/object:Gem::Requirement
38
+ requirements:
39
+ - - "~>"
40
+ - !ruby/object:Gem::Version
41
+ version: '3.2'
27
42
  - !ruby/object:Gem::Dependency
28
43
  name: rails
44
+ requirement: !ruby/object:Gem::Requirement
45
+ requirements:
46
+ - - '='
47
+ - !ruby/object:Gem::Version
48
+ version: 5.0.0.1
49
+ type: :development
50
+ prerelease: false
51
+ version_requirements: !ruby/object:Gem::Requirement
52
+ requirements:
53
+ - - '='
54
+ - !ruby/object:Gem::Version
55
+ version: 5.0.0.1
56
+ - !ruby/object:Gem::Dependency
57
+ name: railties
29
58
  requirement: !ruby/object:Gem::Requirement
30
59
  requirements:
31
60
  - - ">="
@@ -33,7 +62,7 @@ dependencies:
33
62
  version: '3'
34
63
  - - "<"
35
64
  - !ruby/object:Gem::Version
36
- version: '5'
65
+ version: '5.1'
37
66
  type: :runtime
38
67
  prerelease: false
39
68
  version_requirements: !ruby/object:Gem::Requirement
@@ -43,23 +72,25 @@ dependencies:
43
72
  version: '3'
44
73
  - - "<"
45
74
  - !ruby/object:Gem::Version
46
- version: '5'
75
+ version: '5.1'
47
76
  description: AngularJS style CSRF protection for Rails
48
77
  email:
49
78
  - sanderjd@gmail.com
79
+ - golosizpru@gmail.com
50
80
  executables: []
51
81
  extensions: []
52
82
  extra_rdoc_files: []
53
83
  files:
54
- - MIT-LICENSE
55
84
  - README.md
56
85
  - Rakefile
57
86
  - lib/angular_rails_csrf.rb
58
87
  - lib/angular_rails_csrf/concern.rb
59
88
  - lib/angular_rails_csrf/railtie.rb
60
89
  - lib/angular_rails_csrf/version.rb
90
+ - test/angular_rails_csrf_exception_test.rb
61
91
  - test/angular_rails_csrf_test.rb
62
92
  - test/dummy/app/controllers/application_controller.rb
93
+ - test/dummy/app/controllers/exclusions_controller.rb
63
94
  - test/dummy/config.ru
64
95
  - test/dummy/config/application.rb
65
96
  - test/dummy/config/boot.rb
@@ -79,7 +110,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
79
110
  requirements:
80
111
  - - ">="
81
112
  - !ruby/object:Gem::Version
82
- version: '0'
113
+ version: 1.9.3
83
114
  required_rubygems_version: !ruby/object:Gem::Requirement
84
115
  requirements:
85
116
  - - ">="
@@ -87,13 +118,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
87
118
  version: '0'
88
119
  requirements: []
89
120
  rubyforge_project:
90
- rubygems_version: 2.4.5
121
+ rubygems_version: 2.6.6
91
122
  signing_key:
92
123
  specification_version: 4
93
124
  summary: Support for AngularJS $http service style CSRF protection in Rails
94
125
  test_files:
126
+ - test/angular_rails_csrf_exception_test.rb
95
127
  - test/angular_rails_csrf_test.rb
96
128
  - test/dummy/app/controllers/application_controller.rb
129
+ - test/dummy/app/controllers/exclusions_controller.rb
97
130
  - test/dummy/config/application.rb
98
131
  - test/dummy/config/boot.rb
99
132
  - test/dummy/config/environment.rb
data/MIT-LICENSE DELETED
@@ -1,20 +0,0 @@
1
- Copyright 2013 YOURNAME
2
-
3
- Permission is hereby granted, free of charge, to any person obtaining
4
- a copy of this software and associated documentation files (the
5
- "Software"), to deal in the Software without restriction, including
6
- without limitation the rights to use, copy, modify, merge, publish,
7
- distribute, sublicense, and/or sell copies of the Software, and to
8
- permit persons to whom the Software is furnished to do so, subject to
9
- the following conditions:
10
-
11
- The above copyright notice and this permission notice shall be
12
- included in all copies or substantial portions of the Software.
13
-
14
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
- LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
- OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
- WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.