Rails Facebook iframe应用程序错误:InvalidAuthenticityToken
问题描述:
当我访问我的facebook iframe应用程序时出现此错误:Rails Facebook iframe应用程序错误:InvalidAuthenticityToken
The change you wanted was rejected.
Maybe you tried to change something you didn't have access to.
Heroku日志:
2011-06-05T08:30:41+00:00 app[web.1]: Started POST "/facebook/" for xxxx
03 at 2011-06-05 10:30:41 +0200
2011-06-05T08:30:41+00:00 heroku[router]: POST www.vinderhimlen.dk/facebook/ dyn
o=web.1 queue=0 wait=0ms service=39ms bytes=711
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:41+00:00 app[web.1]: ActionController::InvalidAuthenticityToken
(ActionController::InvalidAuthenticityToken):
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:45+00:00 heroku[web.1]: Stopping process with SIGTERM
2011-06-05T08:30:45+00:00 app[web.1]: >> Stopping ...
2011-06-05T08:30:45+00:00 heroku[web.1]: Process exited
[email protected] /c/rails/konkurranceportalen (master)
$
答
默认情况下,Rails的要求被列为令牌每个POST都有一个隐藏字段。
这可以保护您的应用程序免受跨网站请求伪造。
请参阅导轨Request Forgery Protection文档。
skip_before_filter :verify_authenticity_token
对于进一步的调试可能是有用的。
我已经加入skip_before_filter:verify_authenticity_token它仍然给出了同样的错误 – 2011-06-05 11:00:20
尝试从控制器/ application_controller.rb – 2011-06-05 11:25:02
现在,它的工作原理去除'protect_from_forgery':) – 2011-06-05 12:02:05