I don't know why it happens but my form for some reason does not post properly. I am very sure the form contains the required authentication token: <form action="/account/complete_verify_email/4df78710-e27b-4527-bd2d-71cd2e9a1271" method="post"><div style="margin:0;padding:0"><input name="authenticity_token" type="hidden" value="341b07d...
I am running into some issues regarding Authenticity Token in rails, as I did many times now. But I really don't want to just solve this problem and go on, I would really like to understand Authenticity token. Well, my question is, do you have some complete source of information on this subject or would spend your time to explain in deta...
I tried the auto_complete text field in rails 2.3.3 and the server says it denied request because of no authenticity token. I can see that the helper doesn't automatically create a parameter for it. How I can manually do this? And I do not want to disable forgery prevention for this autocomplete. ...
Hi, I was trying to use active record store but I kept getting an invalid authenticity token. Someone told me to remove my protect_from_forgery from application controller. I know that this would remove all auth tokens but I'm not sure if this is a good idea. Does active record store not need auth tokens? By the way, all I need is a wa...
I've had two previous questions about active record store that all came down to the same thing. Here's what I want: I want to access the session at any time and see who is online right now and access their session variable from anywhere. I need this because: Users are separated into groups. If one person logs in he receives an api to...
Here is the deal. Our application is working and is being used by writers to send in content for the web site. Problem is, from times to times, our writers get an error after submiting the form for any rescource in the site. The error after checking the production logs was the good old InvalidAuthenticityToken. Problem is, they don't c...
Hey Everyone I'm just putting together a simple web application in Ruby on Rails 3 RC and I'm a bit stumped with the forgery protection. I plan to have a web interface as well as allow XML API calls from an iPhone app. I'm currently testing this with a REST request generator but am getting InvalidAuthenticityToken errors. Firstly, I t...
I have found numerous posts that describe how to do this. They all look something like putting this in the appropriate environment config file: config.action_controller.session[:domain] = '.localhost' However, if I do this then trying to sign in (I am using devise) fails with: ActionController::InvalidAuthenticityToken I see other...