Add workaround for CSRF issue in current GitHub Codespaces

Author: goosys

spec/example_app/config/environments/development.rb

@@ -75,4 +75,11 @@
 
   # Apply autocorrection by RuboCop to files generated by `bin/rails generate`.
   # config.generators.apply_rubocop_autocorrect_after_generate!
+
+  # In the current GitHub Codespaces, the Origin header is rewritten, which breaks CSRF protection.
+  # See: https://github.com/orgs/community/discussions/156532
+  if ENV["GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN"] == "app.github.dev"
+    warn "WARNING: (development) Disabling CSRF protection Origin header check!"
+    config.action_controller.forgery_protection_origin_check = false
+  end
 end