Bypass forgery protection for trusted IP addresses

Is it possible to have Ruby on Rails forgery protection turned on, but ignore token mismatches from trusted IP addresses?

Basically I want the benefits of forgery protection but would like to allow requests from a trust开发者_Python百科ed machine with a fixed IP address to be able to post into my controller without problems.

You can disable the forgery protection for specific actions. The specific actions could be performed for whitelisted IPs only, perhaps in conjunction with a before_filter or related methods.

References

• Ruby on Rails API Request Forgery Protection documentation.
• before_filter and related methods.