views:

160

answers:

1

I have two applications that need to talk to each other over HTTP. One is a PHP app and the other is my main app, the Rails app. I am needing the PHP app to talk to the Rails app by POSTing data to it, but when I do, I receive the Invalid Authenticity Token error. Is there anyway around this? Or how would I just create my own token to pass along the POST so that my Rails app authenticates?

A: 

From the documentation for ActionController::RequestForgeryProtection::ClassMethods

You can skip the authentication token requirement either by specifying and :except or by forcing the before filter to be skipped....Example from the documentation...

class FooController < ApplicationController
    protect_from_forgery :except => :index

    # you can disable csrf protection on controller-by-controller basis:
    skip_before_filter :verify_authenticity_token
end
Rob Di Marco