I'm using swfupload's most recent version, 2.2.0 and rails 2.3.3. Having seen a number of statements to the effect that I would have to replace CGI::Session.initialize with a chunk of code to extract the session from key-value pairs injected into my form url, I incorporated the code segment into my environment.rb: require 'cgi' class C...
How can I remove the div from authenticity_token in Ruby on Rails? Thanks. ...
My Ruby on Rails application is mostly contained behind a login page. I'd still like to be able to stress test these pages, as they have some heavy database access. Sending the username and password into a post for my login isn't difficult, but the Authenticity Token keeps changing, which makes my tests unrepeatable. Is there a way to...
Rails AuthenticityToken automatically protects POST/PUT/DELETE requests from CSRF attacks. But I have another use case in mind. I am showing a video on my site that I don't want to be embeddable on other sites. How this works is that my flash player sends a request for a signed URL from my CDN that expires in a few seconds. Up until ...
I'm currently using RESTful Authentication plug-in on my rails application. There is a typical scenario when a user stays at login screen for enough time (let's say 1 day..) that makes the authentication token invalid due to time expire. When this user tries the next day to login (he didn't refresh, he is still with this invalid token...
I have a simple Ruby on Rails form which includes an authenticity_token. Unfortunatly, I missed that when you page cache this page then the Authenticity Token becomes invalid. I'm glad I figured it out however. How do you solve caching in such a case? ...
Hey, please help a newbie in Rails :) I have protect_from_forgery call (which is given by default) with no attributes in my ApplicationController class. Basically here's the code: class ApplicationController < ActionController::Base helper :all # include all helpers, all the time protect_from_forgery helper_method :current_user...
I recently switched to Google closure for a new project. I am having trouble adding the authenticity token to the headers in a ajax call. How do i go about it? My Ajax snippet (using goog.net.XhrIo class): var initialHTMLContent = superField[i].getCleanContents(); var data = goog.Uri.QueryData.createFromMap(new goog.structs.Map({ bo...