Private methods do not need :nodoc: to be private API

zzak · gabriel-amaral · zzak · commit a0621e594645 · 2024-05-24T06:56:19.000+09:00
Follow up to rails#51279 Co-authored-by: Gabriel Amaral <1706819+gabriel-amaral@users.noreply.github.com>
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -265,7 +265,7 @@ def handle_unverified_request
         end
 
         private
-          class NullSessionHash < Rack::Session::Abstract::SessionHash # :nodoc:
+          class NullSessionHash < Rack::Session::Abstract::SessionHash
             def initialize(req)
               super(nil, req)
               @data = {}
@@ -284,7 +284,7 @@ def enabled?
             end
           end
 
-          class NullCookieJar < ActionDispatch::Cookies::CookieJar # :nodoc:
+          class NullCookieJar < ActionDispatch::Cookies::CookieJar
             def write(*)
               # nothing
             end
@@ -396,7 +396,7 @@ def verify_authenticity_token # :doc:
         end
       end
 
-      def handle_unverified_request # :doc:
+      def handle_unverified_request
         protection_strategy = forgery_protection_strategy.new(self)
 
         if protection_strategy.respond_to?(:warning_message)
@@ -406,15 +406,14 @@ def handle_unverified_request # :doc:
         protection_strategy.handle_unverified_request
       end
 
-      def unverified_request_warning_message # :nodoc:
+      def unverified_request_warning_message
         if valid_request_origin?
           "Can't verify CSRF token authenticity."
         else
           "HTTP Origin header (#{request.origin}) didn't match request.base_url (#{request.base_url})"
         end
       end
 
-      # :nodoc:
       CROSS_ORIGIN_JAVASCRIPT_WARNING = "Security warning: an embedded " \
         "<script> tag on another site requested protected JavaScript. " \
         "If you know what you're doing, go ahead and disable forgery " \
@@ -653,15 +652,15 @@ def normalize_relative_action_path(rel_action_path) # :doc:
         uri.path.chomp("/")
       end
 
-      def generate_csrf_token # :nodoc:
+      def generate_csrf_token
         SecureRandom.urlsafe_base64(AUTHENTICITY_TOKEN_LENGTH)
       end
 
-      def encode_csrf_token(csrf_token) # :nodoc:
+      def encode_csrf_token(csrf_token)
         Base64.urlsafe_encode64(csrf_token, padding: false)
       end
 
-      def decode_csrf_token(encoded_csrf_token) # :nodoc:
+      def decode_csrf_token(encoded_csrf_token)
         Base64.urlsafe_decode64(encoded_csrf_token)
       end
   end
