angular_rails_csrf 3.2.0 → 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/angular_rails_csrf/version.rb +1 -1
- data/test/dummy/log/test.log +74 -0
- metadata +7 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fe9fb037133e9bf60dcd922bd29936ab85b8c4c730cba28ac2602703ab24401d
|
|
4
|
+
data.tar.gz: 652584f4e71bf641625437f9e5c596fc4d33737fd6381b2d30d9ab64aad00049
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fcba72111050df7ee9184c1d12ad1ce1bc9c4f006d8fa51e6cfeaa11180609893fc44e055a1274ef631f7fefbee1afaf73217083a01725d5508ce34f263099c8
|
|
7
|
+
data.tar.gz: 5387400b46c17e2e7edf9b426f45dc83763a43f634d4d8a1baccca4a4d09ae910e17392a7d3391cdfa464b6823908586180aba3d72b52fe7890e766c42bceacd
|
data/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
## AngularJS-style CSRF Protection for Rails
|
|
2
2
|
|
|
3
3
|
[](https://badge.fury.io/rb/angular_rails_csrf)
|
|
4
|
-
[](https://travis-ci.org/jsanders/angular_rails_csrf)
|
|
5
5
|
|
|
6
6
|
The AngularJS [ng.$http](http://docs.angularjs.org/api/ng.$http) service has built-in CSRF protection. By default, it looks for a cookie named `XSRF-TOKEN` and, if found, writes its value into an `X-XSRF-TOKEN` header, which the server compares with the CSRF token saved in the user's session.
|
|
7
7
|
|
data/test/dummy/log/test.log
CHANGED
|
@@ -479,3 +479,77 @@ AngularRailsCsrfExceptionTest: test_a_get_does_not_set_the_XSRF-TOKEN_cookie
|
|
|
479
479
|
----------------------------------------------------------------------------
|
|
480
480
|
Processing by ExclusionsController#index as HTML
|
|
481
481
|
Completed 200 OK in 0ms
|
|
482
|
+
--------------------------------------------------------------------------------------------------------
|
|
483
|
+
AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
|
|
484
|
+
--------------------------------------------------------------------------------------------------------
|
|
485
|
+
Processing by ApplicationController#index as HTML
|
|
486
|
+
Completed 200 OK in 0ms
|
|
487
|
+
-----------------------------------------------------------------------------------------------------
|
|
488
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
|
|
489
|
+
-----------------------------------------------------------------------------------------------------
|
|
490
|
+
Processing by ApplicationController#create as HTML
|
|
491
|
+
Can't verify CSRF token authenticity.
|
|
492
|
+
Completed 422 Unprocessable Entity in 0ms
|
|
493
|
+
--------------------------------------------------------
|
|
494
|
+
AngularRailsCsrfTest: test_the_domain_is_used_if_present
|
|
495
|
+
--------------------------------------------------------
|
|
496
|
+
Processing by ApplicationController#index as HTML
|
|
497
|
+
Completed 200 OK in 0ms
|
|
498
|
+
-------------------------------------------------------------------------------------
|
|
499
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
|
|
500
|
+
-------------------------------------------------------------------------------------
|
|
501
|
+
Processing by ApplicationController#create as HTML
|
|
502
|
+
Can't verify CSRF token authenticity.
|
|
503
|
+
Completed 422 Unprocessable Entity in 0ms
|
|
504
|
+
-----------------------------------------------------------------------------
|
|
505
|
+
AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
|
|
506
|
+
-----------------------------------------------------------------------------
|
|
507
|
+
Processing by ApplicationController#create as HTML
|
|
508
|
+
Completed 200 OK in 0ms
|
|
509
|
+
-----------------------------------------------------------
|
|
510
|
+
AngularRailsCsrfTest: test_a_custom_name_is_used_if_present
|
|
511
|
+
-----------------------------------------------------------
|
|
512
|
+
Processing by ApplicationController#index as HTML
|
|
513
|
+
Completed 200 OK in 0ms
|
|
514
|
+
----------------------------------------------------------------------------
|
|
515
|
+
AngularRailsCsrfExceptionTest: test_a_get_does_not_set_the_XSRF-TOKEN_cookie
|
|
516
|
+
----------------------------------------------------------------------------
|
|
517
|
+
Processing by ExclusionsController#index as HTML
|
|
518
|
+
Completed 200 OK in 0ms
|
|
519
|
+
----------------------------------------------------------------------------
|
|
520
|
+
AngularRailsCsrfExceptionTest: test_a_get_does_not_set_the_XSRF-TOKEN_cookie
|
|
521
|
+
----------------------------------------------------------------------------
|
|
522
|
+
Processing by ExclusionsController#index as HTML
|
|
523
|
+
Completed 200 OK in 0ms (Allocations: 128)
|
|
524
|
+
-------------------------------------------------------------------------------------
|
|
525
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
|
|
526
|
+
-------------------------------------------------------------------------------------
|
|
527
|
+
Processing by ApplicationController#create as HTML
|
|
528
|
+
Can't verify CSRF token authenticity.
|
|
529
|
+
Completed 422 Unprocessable Entity in 0ms (Allocations: 118)
|
|
530
|
+
--------------------------------------------------------
|
|
531
|
+
AngularRailsCsrfTest: test_the_domain_is_used_if_present
|
|
532
|
+
--------------------------------------------------------
|
|
533
|
+
Processing by ApplicationController#index as HTML
|
|
534
|
+
Completed 200 OK in 0ms (Allocations: 119)
|
|
535
|
+
--------------------------------------------------------------------------------------------------------
|
|
536
|
+
AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
|
|
537
|
+
--------------------------------------------------------------------------------------------------------
|
|
538
|
+
Processing by ApplicationController#index as HTML
|
|
539
|
+
Completed 200 OK in 0ms (Allocations: 116)
|
|
540
|
+
-----------------------------------------------------------------------------------------------------
|
|
541
|
+
AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
|
|
542
|
+
-----------------------------------------------------------------------------------------------------
|
|
543
|
+
Processing by ApplicationController#create as HTML
|
|
544
|
+
Can't verify CSRF token authenticity.
|
|
545
|
+
Completed 422 Unprocessable Entity in 0ms (Allocations: 109)
|
|
546
|
+
-----------------------------------------------------------------------------
|
|
547
|
+
AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
|
|
548
|
+
-----------------------------------------------------------------------------
|
|
549
|
+
Processing by ApplicationController#create as HTML
|
|
550
|
+
Completed 200 OK in 0ms (Allocations: 136)
|
|
551
|
+
-----------------------------------------------------------
|
|
552
|
+
AngularRailsCsrfTest: test_a_custom_name_is_used_if_present
|
|
553
|
+
-----------------------------------------------------------
|
|
554
|
+
Processing by ApplicationController#index as HTML
|
|
555
|
+
Completed 200 OK in 0ms (Allocations: 116)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: angular_rails_csrf
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 4.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- James Sanders
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2019-08-20 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rake
|
|
@@ -45,14 +45,14 @@ dependencies:
|
|
|
45
45
|
requirements:
|
|
46
46
|
- - '='
|
|
47
47
|
- !ruby/object:Gem::Version
|
|
48
|
-
version:
|
|
48
|
+
version: 6.0.0
|
|
49
49
|
type: :development
|
|
50
50
|
prerelease: false
|
|
51
51
|
version_requirements: !ruby/object:Gem::Requirement
|
|
52
52
|
requirements:
|
|
53
53
|
- - '='
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
|
-
version:
|
|
55
|
+
version: 6.0.0
|
|
56
56
|
- !ruby/object:Gem::Dependency
|
|
57
57
|
name: railties
|
|
58
58
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -62,7 +62,7 @@ dependencies:
|
|
|
62
62
|
version: '3'
|
|
63
63
|
- - "<"
|
|
64
64
|
- !ruby/object:Gem::Version
|
|
65
|
-
version: '
|
|
65
|
+
version: '7'
|
|
66
66
|
type: :runtime
|
|
67
67
|
prerelease: false
|
|
68
68
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -72,7 +72,7 @@ dependencies:
|
|
|
72
72
|
version: '3'
|
|
73
73
|
- - "<"
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version: '
|
|
75
|
+
version: '7'
|
|
76
76
|
description: AngularJS style CSRF protection for Rails
|
|
77
77
|
email:
|
|
78
78
|
- sanderjd@gmail.com
|
|
@@ -117,8 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
117
117
|
- !ruby/object:Gem::Version
|
|
118
118
|
version: '0'
|
|
119
119
|
requirements: []
|
|
120
|
-
|
|
121
|
-
rubygems_version: 2.7.6
|
|
120
|
+
rubygems_version: 3.0.4
|
|
122
121
|
signing_key:
|
|
123
122
|
specification_version: 4
|
|
124
123
|
summary: Support for AngularJS $http service style CSRF protection in Rails
|