This project is archived and is in readonly mode.
authenticity_token option for form_tag
Reported by qoobaa | August 3rd, 2009 @ 03:07 PM | in 3.1
The patch adds :authenticity_token option to form_tag helper. It's useful when you need to deal with external application uploads (like uploading files to AWS S3). Some might say that it can be solved using allow_forgery_protection in controller, but the situation becomes more complicated when you need to have both: internal and external forms on the same view. The authenticity token might be turned off by passing false, or overridden by passing custom string.
form_tag "http://far.far.away/form", :authenticity_token => false
form_tag "http://far.far.away/form", :authenticity_token => "a_custom_authenticity_token"
It should be used in button_to helper as well (I can add it if you like the solution).
Comments and changes to this ticket
-
qoobaa May 9th, 2010 @ 10:07 PM
I can try to rebase the patch with master if anybody is interested in the feature.
-
Igor Wiedler December 17th, 2010 @ 11:59 AM
Just ran into this (creating a paypal form), would be a useful feature for any form that leaves the site.
-
Piotr Sarnacki December 17th, 2010 @ 12:35 PM
- Milestone set to “3.1”
- Assigned user set to “Piotr Sarnacki”
- Importance changed from “” to “Low”
Jakub: Yes, please rebase the patch with master.
-
Igor Wiedler December 27th, 2010 @ 11:00 PM
I have rebased it, tested and sent a pull request via GitHub: https://github.com/rails/rails/pull/145
-
Jeremy Kemper January 9th, 2011 @ 11:50 PM
- State changed from “new” to “committed”
-
Repository January 9th, 2011 @ 11:56 PM
- State changed from “committed” to “resolved”
(from [5106ce88e44286b88e5c2e2c261deb7e28392994]) authenticity_token option for form_tag [#2988 state:resolved] https://github.com/rails/rails/commit/5106ce88e44286b88e5c2e2c261de...
-
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
<h2 style="font-size: 14px">Tickets have moved to Github</h2>
The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>
People watching this ticket
Igor Wiedler
Jason Weathered
Jeremy Kemper
José Valim
Piotr Sarnacki
qoobaa
Attachments
Referenced by
-
2988
authenticity_token option for form_tag
(from [5106ce88e44286b88e5c2e2c261deb7e28392994])
authent...
-
6228
Added disable_authenticity_token option to form helper
Similar functionality has been added in
https://rails.li...
-
6228
Added disable_authenticity_token option to form helper
Agreed with Lachlan - this appears to be duplicated
funct...
-
6228
Added disable_authenticity_token option to form helper
So right now this ticket is duplicate to functionality co...