- helper :all # include all helpers, all the time
- protect_from_forgery # See ActionController::RequestForgeryProtection for details
-
- # Scrub sensitive parameters from your log
- # filter_parameter_logging :password
+ # Prevent CSRF attacks by raising an exception.
+ # For APIs, you may want to use :null_session instead.
+ protect_from_forgery with: :exception