Stephane Paquet
Reputation: 2344
protect_from_forgery how to handle resulting exception
When using protect_from_forgery with: :exception in a Web App, how it is possible not to expose the exception to the user.
Let's say that when this exception is raised I would like to refresh the current page and push a flash message on top of the screen (I already have mechanisms to handle the flash messages).
Upvotes: 1
Views: 333
Answers (1)
Avdept
Reputation: 2289
You can add following method
def handle_unverified_request
render status: 422, template: 'errors/unacceptable'
end
in your application_controller, and do your error handling there
Upvotes: 1
Related Questions
- Rails: What does exception and null_session mean in protect_from_forgery
- protect_from_forgery with: :exception rails 5
- Shouldn't protect_from_forgery with: :exception raise an error if I don't include an authenticity token?
- Rails 4; Raise an error and catch within controller
- 'protect_from_forgery' in Application controller in Rails
- How can i restrict protect_from_forgery with exception rails
- rails protect_from_forgery raises with exception
- protect_from_forgery with: :exception where?
- Rails 3 protect_from_forgery problems
- Rails: How to add an exception for an external server to request via post/put for activated protection from forgery?