456asf

Results 1 issues of 456asf

CSRF with req.evn['rack.session']

```ruby def safe? return req.get? || req.head? || req.params["csrf_token"] == token ||#token create every time new one req.env["HTTP_X_CSRF_TOKEN"] == token end Change code ... def existing_token session[:csrf_token] end def safe?...