diff options
| author | abcang <abcang1015@gmail.com> | 2018-04-17 22:23:46 +0900 |
|---|---|---|
| committer | Eugen Rochko <eugen@zeonfederated.com> | 2018-04-17 15:23:46 +0200 |
| commit | 897199910fc29d17b4a019b6ee2473e138d777a2 (patch) | |
| tree | 21eceb5c6212f770c876755e5f901469892ce3ce /app/controllers/api/web/base_controller.rb | |
| parent | 204d72fbe49b3749e168ed2cd0ff83706946352a (diff) | |
Improve web api protect (#6343)
Diffstat (limited to 'app/controllers/api/web/base_controller.rb')
| -rw-r--r-- | app/controllers/api/web/base_controller.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/app/controllers/api/web/base_controller.rb b/app/controllers/api/web/base_controller.rb new file mode 100644 index 000000000..8da549b3a --- /dev/null +++ b/app/controllers/api/web/base_controller.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +class Api::Web::BaseController < Api::BaseController + protect_from_forgery with: :exception + + rescue_from ActionController::InvalidAuthenticityToken do + render json: { error: "Can't verify CSRF token authenticity." }, status: 422 + end +end |