Override action_controller.allow_forgery_protection for specific integration test

Helper method that enables forgery protection temporarily for a block:

def with_forgery_protection  orig = ActionController::Base.allow_forgery_protection  begin    ActionController::Base.allow_forgery_protection = true    yield if block_given?  ensure    ActionController::Base.allow_forgery_protection = orig  endendwith_forgery_protection do  # code in here will require csrf tokenend

You can simply change the value in your integration test setup:

require 'test_helper'class MyCrunchyIntegrationTest < ActionController::IntegrationTest  fixtures :all  def setup    ActionController::Base.allow_forgery_protection = true  end  def teardown    ActionController::Base.allow_forgery_protection = false  end  test "how awesome my application is" do    # ...  endend

This is a RSpec version of @gmcnaughton's solution.

This goes in spec_helper.rb:

RSpec.configure do |config|  config.around(:each, :with_csrf_protection) do |example|    orig = ActionController::Base.allow_forgery_protection    begin      ActionController::Base.allow_forgery_protection = true      example.run    ensure      ActionController::Base.allow_forgery_protection = orig    end  endend

Then you write the tests like:

it "foo", with_csrf_protection: true do  # …end

Or, depending on your RSpec settings:

it "foo", :with_csrf_protection do  # …end