tags:

views:

271

answers:

2
Q: 

InvalidAuthenticityToken for JQuery despite setting authenticity token

I'm getting an InvalidAuthenticityToken despite adding in corresponding authenticity tokens in the jquery response. Is there an error in the code, or is there another, root problem? I appreciate any comments. Thanks!

Using: Rails 2.3.3, Ruby 1.8.6, Webrick, JQuery 1.3.2

layout/networks.html.haml

= token_tag
= javascript_tag "window.AUTH_TOKEN = '#{form_authenticity_token}';"

javascripts/application.js

$(document).ready(function() {

    // All non-GET requests will add the authenticity token
    // if not already present in the data packet
    $(document).ajaxSend(function(event, request, settings) {
       if (typeof(window.AUTH_TOKEN) == "undefined") return;
       // <acronym title="Internet Explorer 6">IE6</acronym> fix for http://dev.jquery.com/ticket/3155
       if (settings.type == 'GET' || settings.type == 'get') return;

       settings.data = settings.data || "";
       settings.data += (settings.data ? "&" : "") + "authenticity_token=" + encodeURIComponent(window.AUTH_TOKEN);
     });

  ajaxLinks();
});

The rendered html has:

<input name="authenticity_token" type="hidden" value="ZaXj3ACQl+8JKtaDAUoxtSsqzEagSPyHbS25ai9qWCw=" />
<script type="text/javascript">
//<![CDATA[
window.AUTH_TOKEN = 'ZaXj3ACQl+8JKtaDAUoxtSsqzEagSPyHbS25ai9qWCw=';
//]]>
</script>

and breakpointing through, shows that window.AUTH_TOKEN has been set. Any help to resolve this would be great.

A: 

My main guess is that you are facing a caching problem... request the page from 2 different clients and check whether there is a match in both authentication keys...

khelll  2009-12-22 14:12:50
I'm stuck with a single computer at the moment, so I'm just going to have to use another browser. I tried it in Chrome and it works! Strange, since I cleared my cache/cookies in FireFox. Is this different behavior based on the browsers or the browser cache? Also, can you clear the cache of webrick? Thanks!
 2009-12-22 21:12:03
Can you try the same form with Chrome again? If the error appeared again then you need to revise the server caching, if not then you may need to check why your browser is caching. Also check the log on the console, is ir rendering the form or does it load it?
khelll  2009-12-22 22:14:52
I'm not sure what you mean same form, but Chrome still doesn't show the error and does execute the js. The log on the console shows that it is processing NetworksController#destroy, and then rendering networks/destroy for Chrome. For FF, the log says that it is processing NetworksController#destroy, and then meeting the InvalidAuthenticityToken Error and no render after that.
 2009-12-23 01:48:12
A: 

So after all this debugging, I've run into the same issue on both Chrome and Firefox, so the root cause is not the browsers. One potential issue might be that a new key is generated on an form submission, and is not being updated correctly via ajax call. If someone knows a fix for this or has a working JQuery project that has working auth for GET/POST/PUT/DESTROY, that would be great (even tutorials don't work for me - but that might be due to an old versions of jquery/rails).

 2010-01-02 09:52:04

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.