开发者

Rails 3 protect_from_forgery problems

开发者 https://www.devze.com 2023-01-16 04:07 出处:网络
I have two applications that nee开发者_Go百科d to talk to each other over HTTP. One is a PHP app and the other is my main app, the Rails app. I am needing the PHP app to talk to the Rails app by POSTi

I have two applications that nee开发者_Go百科d to talk to each other over HTTP. One is a PHP app and the other is my main app, the Rails app. I am needing the PHP app to talk to the Rails app by POSTing data to it, but when I do, I receive the Invalid Authenticity Token error. Is there anyway around this? Or how would I just create my own token to pass along the POST so that my Rails app authenticates?


From the documentation for ActionController::RequestForgeryProtection::ClassMethods

You can skip the authentication token requirement either by specifying and :except or by forcing the before filter to be skipped....Example from the documentation...

class FooController < ApplicationController
    protect_from_forgery :except => :index

    # you can disable csrf protection on controller-by-controller basis:
    skip_before_filter :verify_authenticity_token
end
0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号