angular_rails_csrf 1.0.4 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 740300b724cfd8f8500d162de60d9612e63bd91a
-  data.tar.gz: fb9b28c509ab59f4aba0f58b0e66a7f77e5e6ad8
+  metadata.gz: 4becb4082b16922fde4f2110f3beb5111726ab08
+  data.tar.gz: b106877de928863c4586b8f9038b9cf72847416f
 SHA512:
-  metadata.gz: 0e75a70015061b20556083b86d38d8d88b7df068f756884b6257bed2b3b52d0b52e99d50ecc58b64205ca52a84807371db9234e0fbc7362c33bc0198a5a2dcfb
-  data.tar.gz: deb899582b48662cc2eeceb1333d1b4c446b7e8285da102aefd26d4f8099a18371fee3a83d13dc05963f7eabf0cc30acc5f5898c32e50a01f46d8420f7fe64a4
+  metadata.gz: d364e35e39341cd2bfef8a4ad885ac7815d5bb3eab69728a9a7a3b8d9a755978a7401338a208a51bfbf418ff67265d0d78776ab0f0df9dc397490106ddd158ab
+  data.tar.gz: fdf99a8394b9e6a411eaaffd72c429e0380611da8387f3ec65cd240563f9f4fdfb7fc124da6f9650d17abde40d6b221b5f78c363404848baefaae9ad76094737

data/README.md

@@ -1,21 +1,39 @@
-## AngularJS-style CSRF Protection for Rails
-
-[![Build Status](https://travis-ci.org/jsanders/angular_rails_csrf.png)](https://travis-ci.org/jsanders/angular_rails_csrf)
-
-The AngularJS [ng.$http](http://docs.angularjs.org/api/ng.$http) service has built-in CSRF protection. By default, it looks for a cookie named `XSRF-TOKEN` and, if found, writes its value into an `X-XSRF-TOKEN` header, which the server compares with the CSRF token saved in the user's session.
-
-This project adds direct support for this scheme to your Rails application without requiring any changes to your AngularJS application. It also doesn't require the use of `csrf_meta_tags` to write a CSRF token into your page markup, so it works for pure JSON API applications.
-
-Note that there is nothing AngularJS specific here, and this will work with any other front-end that implements the same scheme.
-
-### Installation
-
-Add this line to your application's Gemfile:
-
-    gem 'angular_rails_csrf'
-
-And then execute:
-
-    $ bundle
-
-That's it!
+## AngularJS-style CSRF Protection for Rails
+
+[![Gem Version](https://badge.fury.io/rb/angular_rails_csrf.svg)](https://badge.fury.io/rb/angular_rails_csrf)
+[![Build Status](https://travis-ci.org/jsanders/angular_rails_csrf.png)](https://travis-ci.org/jsanders/angular_rails_csrf)
+[![Dependency Status](https://gemnasium.com/badges/github.com/jsanders/angular_rails_csrf.svg)](https://gemnasium.com/github.com/jsanders/angular_rails_csrf)
+
+The AngularJS [ng.$http](http://docs.angularjs.org/api/ng.$http) service has built-in CSRF protection. By default, it looks for a cookie named `XSRF-TOKEN` and, if found, writes its value into an `X-XSRF-TOKEN` header, which the server compares with the CSRF token saved in the user's session.
+
+This project adds direct support for this scheme to your Rails application without requiring any changes to your AngularJS application. It also doesn't require the use of `csrf_meta_tags` to write a CSRF token into your page markup, so it works for pure JSON API applications.
+
+Note that there is nothing AngularJS specific here, and this will work with any other front-end that implements the same scheme.
+
+### Installation
+
+Add this line to your application's *Gemfile*:
+
+    gem 'angular_rails_csrf'
+
+And then execute:
+
+    $ bundle
+
+That's it!
+
+### Exclusions
+
+Sometimes you will want to skip setting the XSRF token for certain controllers (for example, when using SSE or ActionCable, as discussed [here](https://github.com/jsanders/angular_rails_csrf/issues/7)):
+
+```ruby
+class ExclusionsController < ApplicationController
+  exclude_xsrf_token_cookie
+  
+  # your actions here...
+end
+```
+
+### License 
+
+Licensed under the [MIT License](https://github.com/jsanders/angular_rails_csrf/blob/master/LICENSE).

data/Rakefile

@@ -1,32 +1,32 @@
-begin
-  require 'bundler/setup'
-rescue LoadError
-  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
-end
-
-require 'rdoc/task'
-
-RDoc::Task.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'AngularRailsCsrf'
-  rdoc.options << '--line-numbers'
-  rdoc.rdoc_files.include('README.rdoc')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
-
-
-
-
-Bundler::GemHelper.install_tasks
-
-require 'rake/testtask'
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << 'lib'
-  t.libs << 'test'
-  t.pattern = 'test/**/*_test.rb'
-  t.verbose = false
-end
-
-
-task default: :test
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'AngularRailsCsrf'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/lib/angular_rails_csrf/concern.rb

@@ -1,21 +1,37 @@
-module AngularRailsCsrf
-  module Concern
-    extend ActiveSupport::Concern
-
-    included do
-      before_filter :set_xsrf_token_cookie
-    end
-
-    def set_xsrf_token_cookie
-      cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
-    end
-
-    def verified_request?
-      if respond_to?(:valid_authenticity_token?, true)
-        super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
-      else
-        super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
-      end
-    end
-  end
-end
+module AngularRailsCsrf
+  module Concern
+    extend ActiveSupport::Concern
+
+    included do
+      if Rails::VERSION::MAJOR < 4
+        after_filter :set_xsrf_token_cookie
+      else
+        after_action :set_xsrf_token_cookie
+      end
+    end
+
+    def set_xsrf_token_cookie
+      if protect_against_forgery? && !respond_to?(:__exclude_xsrf_token_cookie?)
+        cookies['XSRF-TOKEN'] = form_authenticity_token
+      end
+    end
+
+    def verified_request?
+      if respond_to?(:valid_authenticity_token?, true)
+        super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
+      else
+        super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
+      end
+    end
+
+    module ClassMethods
+      def exclude_xsrf_token_cookie
+        self.class_eval do
+          def __exclude_xsrf_token_cookie?
+            true
+          end
+        end
+      end
+    end
+  end
+end

data/lib/angular_rails_csrf/railtie.rb

@@ -1,11 +1,11 @@
-require 'angular_rails_csrf/concern'
-
-module AngularRailsCsrf
-  class Railtie < ::Rails::Railtie
-    initializer 'angular-rails-csrf' do |app|
-      ActiveSupport.on_load(:action_controller) do
-        include AngularRailsCsrf::Concern
-      end
-    end
-  end
-end
+require 'angular_rails_csrf/concern'
+
+module AngularRailsCsrf
+  class Railtie < ::Rails::Railtie
+    initializer 'angular-rails-csrf' do |app|
+      ActiveSupport.on_load(:action_controller) do
+        include AngularRailsCsrf::Concern
+      end
+    end
+  end
+end

data/lib/angular_rails_csrf/version.rb

@@ -1,3 +1,3 @@
-module AngularRailsCsrf
-  VERSION = "1.0.4"
-end
+module AngularRailsCsrf
+  VERSION = "2.0.0"
+end

data/lib/angular_rails_csrf.rb

@@ -1 +1 @@
-require 'angular_rails_csrf/railtie'
+require 'angular_rails_csrf/railtie'

data/test/angular_rails_csrf_exception_test.rb

@@ -0,0 +1,16 @@
+require 'test_helper'
+
+class AngularRailsCsrfExceptionTest < ActionController::TestCase
+  tests ExclusionsController
+
+  setup do
+    @controller.allow_forgery_protection = true
+    @correct_token = @controller.send(:form_authenticity_token)
+  end
+
+  test "a get does not set the XSRF-TOKEN cookie" do
+    get :index
+    assert_not_equal @correct_token, cookies['XSRF-TOKEN']
+    assert_response :success
+  end
+end

data/test/angular_rails_csrf_test.rb

@@ -1,35 +1,48 @@
-require 'test_helper'
-
-class AngularRailsCsrfTest < ActionController::TestCase
-  tests ApplicationController
-
-  setup do
-    @controller.allow_forgery_protection = true
-    @correct_token = @controller.send(:form_authenticity_token)
-  end
-
-  test "a get sets the XSRF-TOKEN cookie but does not require the X-XSRF-TOKEN header" do
-    get :index
-    assert_equal @correct_token, cookies['XSRF-TOKEN']
-    assert_response :success
-  end
-
-  test "a post raises an error without the X-XSRF-TOKEN header set" do
-    assert_raises ActionController::InvalidAuthenticityToken do
-      post :create
-    end
-  end
-
-  test "a post raises an error with the X-XSRF-TOKEN header set to the wrong value" do
-    @request.headers['X-XSRF-TOKEN'] = 'garbage'
-    assert_raises ActionController::InvalidAuthenticityToken do
-      post :create
-    end
-  end
-
-  test "a post is accepted if X-XSRF-TOKEN is set properly" do
-    @request.headers['X-XSRF-TOKEN'] = @correct_token
-    post :create
-    assert_response :success
-  end
-end
+require 'test_helper'
+
+class AngularRailsCsrfTest < ActionController::TestCase
+  tests ApplicationController
+
+  test "a get sets the XSRF-TOKEN cookie but does not require the X-XSRF-TOKEN header" do
+    get :index
+    assert_valid_cookie
+    assert_response :success
+  end
+
+  test "a post raises an error without the X-XSRF-TOKEN header set" do
+    assert_raises ActionController::InvalidAuthenticityToken do
+      post :create
+    end
+  end
+
+  test "a post raises an error with the X-XSRF-TOKEN header set to the wrong value" do
+    set_header_to 'garbage'
+    assert_raises ActionController::InvalidAuthenticityToken do
+      post :create
+    end
+  end
+
+  test "a post is accepted if X-XSRF-TOKEN is set properly" do
+    set_header_to @controller.send(:form_authenticity_token)
+    post :create
+    assert_valid_cookie
+    assert_response :success
+  end
+
+  private
+
+  # Helpers
+
+  def set_header_to(value)
+    # Rails 3 uses `env` and Rails 4 uses `headers`
+    @request.env['X-XSRF-TOKEN'] = @request.headers['X-XSRF-TOKEN'] = value
+  end
+
+  def assert_valid_cookie
+    if @controller.respond_to?(:valid_authenticity_token?, true)
+      assert @controller.send(:valid_authenticity_token?, session, cookies['XSRF-TOKEN'])
+    else
+      assert_equal @controller.send(:form_authenticity_token), cookies['XSRF-TOKEN']
+    end
+  end
+end

data/test/dummy/app/controllers/application_controller.rb

@@ -1,6 +1,13 @@
-class ApplicationController < ActionController::Base
-  protect_from_forgery with: :exception
-
-  def index;  head :ok; end
-  def create; head :ok; end
-end
+class ApplicationController < ActionController::Base
+  protect_from_forgery with: :exception
+
+  if Rails::VERSION::MAJOR < 4
+    # Mimic `protect_from_forgery with: :exception` for older Rails versions.
+    def handle_unverified_request
+      raise ActionController::InvalidAuthenticityToken
+    end
+  end
+
+  def index;  head :ok; end
+  def create; head :ok; end
+end

data/test/dummy/app/controllers/exclusions_controller.rb

@@ -0,0 +1,5 @@
+class ExclusionsController < ApplicationController
+  exclude_xsrf_token_cookie
+
+  def index;  head :ok; end
+end

data/test/dummy/config/application.rb

@@ -1,14 +1,15 @@
-require File.expand_path('../boot', __FILE__)
-
-require "action_controller/railtie"
-
-Bundler.require(*Rails.groups)
-require "angular_rails_csrf"
-
-module Dummy
-  class Application < Rails::Application
-    config.secret_key_base = '5e6b6d2bd7bf26d02679ac958b520adf41b211eb0b8f33742abc5437711d0ad314baf13efc0d35d7568d2e469668a7021cf5e945c667bd16507777aedb770f83'
-    config.eager_load = false # You get yelled at if you don't set this
-  end
-end
-
+require File.expand_path('../boot', __FILE__)
+
+require "action_controller/railtie"
+
+Bundler.require(:default, Rails.env)
+require "angular_rails_csrf"
+
+module Dummy
+  class Application < Rails::Application
+    config.secret_key_base = '5e6b6d2bd7bf26d02679ac958b520adf41b211eb0b8f33742abc5437711d0ad314baf13efc0d35d7568d2e469668a7021cf5e945c667bd16507777aedb770f83'
+    config.eager_load = false # You get yelled at if you don't set this
+    config.active_support.test_order = :random
+  end
+end
+

data/test/dummy/config/boot.rb

@@ -1,5 +1,4 @@
-# Set up gems listed in the Gemfile.
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
-
-require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
-$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])

data/test/dummy/config/environment.rb

@@ -1,5 +1,5 @@
-# Load the Rails application.
-require File.expand_path('../application', __FILE__)
-
-# Initialize the Rails application.
-Dummy::Application.initialize!
+# Load the Rails application.
+require File.expand_path('../application', __FILE__)
+
+# Initialize the Rails application.
+Dummy::Application.initialize!

data/test/dummy/config/routes.rb

@@ -1,4 +1,6 @@
-Dummy::Application.routes.draw do
-  get  'test' => 'application#index'
-  post 'test' => 'application#create'
-end
+Dummy::Application.routes.draw do
+  get  'test' => 'application#index'
+  post 'test' => 'application#create'
+
+  get 'exclusions' => 'exclusions#index'
+end

data/test/dummy/config.ru

@@ -1,4 +1,4 @@
-# This file is used by Rack-based servers to start the application.
-
-require ::File.expand_path('../config/environment',  __FILE__)
-run Rails.application
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Rails.application

data/test/dummy/log/test.log

@@ -12,436 +12,24 @@ Completed 200 OK in 1ms
 AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
 -----------------------------------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0.2ms
-Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0.3ms
-Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0.1ms
-Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0.1ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-
-***** Debugger requested, but was not available (ensure ruby-debug is listed in Gemfile/installed as gem): Start server with --debugger to enable *****
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 33857ms
-  Processing by ApplicationController#index as HTML
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 15337ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 94657ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-  Processing by ApplicationController#index as HTML
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 7498ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 1204ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 500 Internal Server Error in 49631ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 11900ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 2198ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 1333ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 1428ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 200 OK in 1525ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 876ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 2694ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 429ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 392ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 473ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 14358ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 8244ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 3772ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 134031ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 2903ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 14568ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 34950ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 964ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 461ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0.3ms
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0.3ms
-Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0.2ms
-Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0.1ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0.3ms
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0.3ms
-Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0.1ms
-Processing by ApplicationController#create as HTML
-WARNING: Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0.1ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
+Can't verify CSRF token authenticity.
 Completed 422 Unprocessable Entity in 1ms
 -------------------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
 -------------------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
+Can't verify CSRF token authenticity.
 Completed 422 Unprocessable Entity in 0ms
+  Processing by ApplicationController#index as HTML
+Completed 200 OK in 0ms
+  Processing by ApplicationController#create as HTML
+Completed 200 OK in 0ms
+  Processing by ApplicationController#create as HTML
+WARNING: Can't verify CSRF token authenticity
+Completed 422 Unprocessable Entity in 0ms
+  Processing by ApplicationController#create as HTML
+WARNING: Can't verify CSRF token authenticity
+Completed 422 Unprocessable Entity in 0ms
 --------------------------------------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
 --------------------------------------------------------------------------------------------------------
@@ -451,120 +39,43 @@ Completed 200 OK in 0ms
 AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
 -----------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Completed 200 OK in 17ms
+Completed 200 OK in 1ms
 -----------------------------------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
 -----------------------------------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
+Can't verify CSRF token authenticity.
 Completed 422 Unprocessable Entity in 0ms
 -------------------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
 -------------------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
+Can't verify CSRF token authenticity.
+Completed 422 Unprocessable Entity in 1ms
 -------------------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
 -------------------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
-  Processing by ApplicationController#create as HTML
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
+Can't verify CSRF token authenticity.
+Completed 422 Unprocessable Entity in 1ms
 -----------------------------------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
 -----------------------------------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
+Can't verify CSRF token authenticity.
 Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
---------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
---------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
 -----------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
 -----------------------------------------------------------------------------
 Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 1ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
+Completed 200 OK in 1ms
 --------------------------------------------------------------------------------------------------------
 AngularRailsCsrfTest: test_a_get_sets_the_XSRF-TOKEN_cookie_but_does_not_require_the_X-XSRF-TOKEN_header
 --------------------------------------------------------------------------------------------------------
 Processing by ApplicationController#index as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_is_accepted_if_X-XSRF-TOKEN_is_set_properly
------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Completed 200 OK in 0ms
------------------------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_with_the_X-XSRF-TOKEN_header_set_to_the_wrong_value
------------------------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
--------------------------------------------------------------------------------------
-AngularRailsCsrfTest: test_a_post_raises_an_error_without_the_X-XSRF-TOKEN_header_set
--------------------------------------------------------------------------------------
-Processing by ApplicationController#create as HTML
-Can't verify CSRF token authenticity
-Completed 422 Unprocessable Entity in 0ms
+Completed 200 OK in 1ms
+----------------------------------------------------------------------------
+AngularRailsCsrfExceptionTest: test_a_get_does_not_set_the_XSRF-TOKEN_cookie
+----------------------------------------------------------------------------
+Processing by ExclusionsController#index as HTML
+Completed 200 OK in 1ms

data/test/test_helper.rb

@@ -1,5 +1,5 @@
-# Configure Rails Environment
-ENV["RAILS_ENV"] = "test"
-
-require File.expand_path("../dummy/config/environment.rb",  __FILE__)
-require "rails/test_help"
+# Configure Rails Environment
+ENV["RAILS_ENV"] = "test"
+
+require File.expand_path("../dummy/config/environment.rb",  __FILE__)
+require "rails/test_help"

metadata

@@ -1,14 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: angular_rails_csrf
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 2.0.0
 platform: ruby
 authors:
 - James Sanders
+- Ilya Bodrov
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-04 00:00:00.000000000 Z
+date: 2016-10-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -16,16 +17,44 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 10.1.0
+        version: '11.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 10.1.0
+        version: '11.3'
+- !ruby/object:Gem::Dependency
+  name: test-unit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
 - !ruby/object:Gem::Dependency
   name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 5.0.0.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 5.0.0.1
+- !ruby/object:Gem::Dependency
+  name: railties
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -33,7 +62,7 @@ dependencies:
         version: '3'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '5.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -43,23 +72,25 @@ dependencies:
         version: '3'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '5.1'
 description: AngularJS style CSRF protection for Rails
 email:
 - sanderjd@gmail.com
+- golosizpru@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- MIT-LICENSE
 - README.md
 - Rakefile
 - lib/angular_rails_csrf.rb
 - lib/angular_rails_csrf/concern.rb
 - lib/angular_rails_csrf/railtie.rb
 - lib/angular_rails_csrf/version.rb
+- test/angular_rails_csrf_exception_test.rb
 - test/angular_rails_csrf_test.rb
 - test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/exclusions_controller.rb
 - test/dummy/config.ru
 - test/dummy/config/application.rb
 - test/dummy/config/boot.rb
@@ -79,7 +110,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -87,13 +118,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 2.6.6
 signing_key: 
 specification_version: 4
 summary: Support for AngularJS $http service style CSRF protection in Rails
 test_files:
+- test/angular_rails_csrf_exception_test.rb
 - test/angular_rails_csrf_test.rb
 - test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/exclusions_controller.rb
 - test/dummy/config/application.rb
 - test/dummy/config/boot.rb
 - test/dummy/config/environment.rb

data/MIT-LICENSE

@@ -1,20 +0,0 @@
-Copyright 2013 YOURNAME
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.