Error with Rails 5.2 default of action_controller.default_protect_from_forgery

[morgler]

If I set the new rails default of action_controller.default_protect_from_forgery in Rails 5.2+, the server will not start due to an error in stripe-event's webhook_controller:

my_app/shared/bundle/ruby/2.7.0/gems/activesupport-5.2.5/lib/active_support/callbacks.rb:701:in `block (2 levels) in skip_callback': Before process_action callback :verify_authenticity_token has not been defined (ArgumentError)

...

gems/stripe_event-2.3.1/app/controllers/stripe_event/webhook_controller.rb:4:in `<class:WebhookController>'
May 08 11:58:26 gixtra-staging rbenv[854021]:         from /home/deploy/gixtra-prod/shared/bundle/ruby/2.7.0/gems/stripe_event-2.3.1/app/controllers/stripe_event/webhook_controller.rb:2:in `<module:StripeEvent>'
May 08 11:58:26 gixtra-staging rbenv[854021]:         from /home/deploy/gixtra-prod/shared/bundle/ruby/2.7.0/gems/stripe_event-2.3.1/app/controllers/stripe_event/webhook_controller.rb:1:in `<main>'

My setting in application.rb was

Rails.application.config.action_controller.default_protect_from_forgery = true

If I set this back to fale (or comment it out), everything works.

It seems the culprit is the call to skip :verify_authenticity_token in the webhook_controller, because that method doesn't seem to be defined by the default forgery protection anymore.