Posted at

クロスサイトリクエストフォージェリ 保護

More than 1 year has passed since last update.

form_authenticity_tokenメソッド

<%= form_for @user do |f| %>

<%=
f.text_field :username %>
<%= f.text_field :password %>
<% end %>

<form accept-charset="UTF-8" action="/users/1" method="post">

<input type="hidden"
value="67250ab105eb5ad10851c00a5621854a23af5489"
name="authenticity_token"/>
<!-- fields -->
</form>