724bd48494
Since Rails 2.3.11, protect_from_forgery exclusively calls handle_unverified_request which defaults to resetting the session. The old code to handle an invalid CSRF token is not used anymore and is thus removed to un-confuse people. |
||
---|---|---|
.. | ||
controllers | ||
drops | ||
helpers | ||
models | ||
views |