How can I change the meta tags 'csrf-param' and 'csrf-token' in Rails 4?

Question

How can I change the meta tags 'csrf-param' and 'csrf-token' in Rails 4?

As the title says, I wonder how can I change the name of the csrf-param and csrf-token meta tags?

 <meta content="authenticity_token" name="csrf-param" /> <meta content="123456" name="csrf-token" />

I ask this because for security reasons I want to hide what technology I use to power my site. The Chrome Wappalyzer uses these meta tags as indicators for Ruby on Rails .

enter image description here

+5

ruby-on-rails ruby-on-rails-4 csrf

Robin Sep 26 '14 at 20:10

source share

1 answer

Blair anderson · Answer 1 · 2015-02-10T01:32:00+0000

Create an initializer called change_csrf_name.rb

inside this file you can change :name => 'xyz' . that it can break some built-in functions that you did not expect.

 module ActionView module Helpers module CsrfHelper def csrf_meta_tags if protect_against_forgery? [ tag('meta', :name => 'csrf-param', :content => request_forgery_protection_token), tag('meta', :name => 'csrf-token', :content => form_authenticity_token) ].join("\n").html_safe end end end end end

How can I change the meta tags 'csrf-param' and 'csrf-token' in Rails 4?

More articles: