I have two applications that need to talk to each other over HTTP. One is a PHP app and the other is my main app, the Rails app. I am needing the PHP app to talk to the Rails app by POSTing data to it, but when I do, I receive the Invalid Authenticity Token error. Is there anyway around this? Or how would I just create my own token to pass along the POST so that my Rails app authenticates?
A:
From the documentation for ActionController::RequestForgeryProtection::ClassMethods
You can skip the authentication token requirement either by specifying and :except or by forcing the before filter to be skipped....Example from the documentation...
class FooController < ApplicationController
protect_from_forgery :except => :index
# you can disable csrf protection on controller-by-controller basis:
skip_before_filter :verify_authenticity_token
end
Rob Di Marco
2010-09-10 14:26:24