All Questions

834
votes
10answers
154190 views

Understanding the Rails Authenticity Token

I am running into some issues regarding the Authenticity Token in Rails, as I have many times now. But I really don't want to just solve this problem and go on. I would really like to understand the ...
187
votes
13answers
121034 views

Rails 4 Authenticity Token

I was working on a new Rails 4 app (on Ruby 2.0.0-p0) when I ran into some authenticity token problems. While writing a controller that responds to json (using the respond_to class method), I got to ...
33
votes
7answers
27959 views

Proper way to send an Authenticity Token with AJAX..?

This works but gets stopped because it lacks an authenticity token: $(".ajax-referral").click(function(){ $.ajax({type: "POST", url: $(this).parent("form").attr("action"), dataType: "script"}); r...
8
votes
2answers
4337 views

How to POST with missing authenticity_token in rspec rails request test?

I'm simulating a request coming from an external service, which will not have an authenticity token. I want the test to fail if skip_before_action :verify_authenticity_token is missing. How do I do t...
9
votes
2answers
9286 views

How do i add the authenticity token?

I recently switched to Google closure for a new project. I am having trouble adding the authenticity token to the headers in a ajax call. How do i go about it? My Ajax snippet (using goog.net.XhrIo c...
4
votes
2answers
3851 views

Rails request forgery protection settings

please help a newbie in Rails :) I have protect_from_forgery call (which is given by default) with no attributes in my ApplicationController class. Basically here's the code: class ApplicationContr...
0
votes
1answers
156 views

POST request done with Authenticity Token, but exception still rased

My controller is responding to a js GET request, and in my js.erb file I am reporting back with the Fingerprint2 generated browser data of the users browser. This is done with a POST request, because ...

Previous Next