# File lib/action_controller/request_forgery_protection.rb, line 76 def protect_from_forgery(options = {}) self.request_forgery_protection_token ||= :authenticity_token before_filter :verify_authenticity_token, :only => options.delete(:only), :except => options.delete(:except) request_forgery_protection_options.update(options) end