`require’: cannot load such file -- rack/csrf
Closed this issue · 4 comments
PetrKaleta commented
Hello, it looks like there's a missing dependency when using csrf
plugin
.rbenv/versions/2.6.4/lib/ruby/gems/2.6.0/gems/roda-3.24.0/lib/roda/plugins/csrf.rb:3:in `require’: cannot load such file -- rack/csrf
janko commented
You need to add the rack_csrf gem to your Gemfile. Roda does not depend on it because it's not a mandatory dependency (it's only needed by the csrf
plugin).
Note that the it's recommended to use the route_csrf plugin instead, which is more secure and doesn't depend on any external gems.
PetrKaleta commented
Maybe its just worth mentioning it in plugin's readme...
PetrKaleta commented
btw: rodauth is using this plugin by default...
jeremyevans commented
The csrf plugin module documentation does mention that it uses rack_csrf
. I'm certainly open to expanding the documentation if you think it would be beneficial. Please submit a pull request for that if so.