Auto complete plugin and CSRF protection-- do you care?

Krishna_Dole · October 23, 2007, 6:44pm

Hi,

I just noticed that the auto_complete plugin does not work with the CSRF protection in Rails 2.0. I've patched the plugin, but I'm wondering if people would like to see the official plugin fixed. If so, speak up and I will write some tests and submit the patch.

Krishna

Frederick_Cheung · October 23, 2007, 7:05pm

Please do - we haven't moved to 2.0 yet but it would be silly for us to have to duplicate your work when we do !

Fred

fxn · October 23, 2007, 7:28pm

Please!

nachokb · October 25, 2007, 3:45am

I'm interested

Krishna_Dole · November 2, 2007, 7:25am

Hi all,

Sorry for the delay. I finally got around to submitting the patch-- comments and criticism welcome:

http://dev.rubyonrails.org/ticket/10059

Krishna

Krishna_Dole · December 10, 2007, 4:49pm

Several people expressed interest in this patch-- I'm still looking for two +1s. http://dev.rubyonrails.org/ticket/10059

Krishna

Frederick_Cheung · December 10, 2007, 6:32pm

Several people expressed interest in this patch-- I'm still looking for two +1s. http://dev.rubyonrails.org/ticket/10059

You've got mine. Worth checking out #rails-contrib on irc, or the
rails-core mailing list if you need more.

Fred

Topic		Replies	Views
text_field_with_auto_complete rubyonrails-talk	4	194	February 7, 2008
CSRF Protection Bypass in Ruby on Rails - I don't get it ... rubyonrails-talk	10	162	February 9, 2011
auto_complete and protect_from_forgery rubyonrails-talk	0	123	October 2, 2008
auto_complete problem???? rubyonrails-talk	0	85	June 3, 2008
text_field_with_auto_complete rubyonrails-core	2	150	October 25, 2007

Auto complete plugin and CSRF protection-- do you care?

Related topics

More Resources