-# Filters added to this controller apply to all controllers in the application.
-# Likewise, all the methods added will be available for all controllers.
-
class ApplicationController < ActionController::Base
- helper :all # include all helpers, all the time
- protect_from_forgery # See ActionController::RequestForgeryProtection for details
-
- # Scrub sensitive parameters from your log
- # filter_parameter_logging :password
+ # Prevent CSRF attacks by raising an exception.
+ # For APIs, you may want to use :null_session instead.
+ protect_from_forgery with: :exception
end