We are sunsetting Hakiri on January 31 2022. To learn more please refer to this document.

Discovered almost 5 years ago
Source: static code analysis
Category: Cross-Site Request Forgery
Confidence level: Medium


protect_from_forgery should be configured with 'with: :exception'



Category description: Failure to verify that the sender of a web request actually intended to do so.

Solution: fix the issue in app/controllers/application_controller.rb or mark it as false positive.