3

我有一个 Rails 3.2 应用程序,我需要在其中接受来自第 3 方的 POST 请求。我想将传入的请求存储在我的“消息”模型中。我的 MessageController 如下所示:

class MessagesController < ApplicationController
  protect_from_forgery :except => :create
...

def create
@message = Message.new(content: params[:content], command: params[:command], messageId: params[:messageId], ...)

respond_to do |format|
  if @message.save
...

我收到的请求如下所示:

curl -d "content=GUESTTEST&command=deliverMessage&messageId=11389622" https://[myapp].herokuapp.com/messages

这在本地运行良好(http://localhost:3000/messages),但是一旦我切换到heroku,请求就不再起作用了。

heroku logs

说:

    2012-08-13T07:54:01+00:00 app[web.1]: Started POST "/" for 178.195.215.59 at 2012-08-13 07:54:01 +0000
    2012-08-13T07:54:01+00:00 app[web.1]: Processing by StaticPagesController#home as */*
    2012-08-13T07:54:01+00:00 app[web.1]:   Parameters: {"content"=>"GUESTTEST", "time"=>"2012-08-01 10:09:03", "businessNumber"=>"5555", "sessionId"=>"5555CHS1343808543654", "operatorCode"=>"99999", "msisdn"=>"0099955291", "keyword"=>"GUESTTEST", "command"=>"deliverMessage", "messageId"=>"11389622"}
    2012-08-13T07:54:01+00:00 app[web.1]: WARNING: Can't verify CSRF token authenticity
    2012-08-13T07:54:01+00:00 app[web.1]:   Rendered static_pages/home.html.erb within layouts/application (1.1ms)
    2012-08-13T07:54:01+00:00 app[web.1]:   Rendered layouts/_shim.html.erb (0.0ms)
    2012-08-13T07:54:01+00:00 app[web.1]:   Rendered layouts/_header.html.erb (0.9ms)
    2012-08-13T07:54:01+00:00 app[web.1]:   Rendered layouts/_footer.html.erb (0.2ms)
    2012-08-13T07:54:01+00:00 app[web.1]: Completed 200 OK in 6ms (Views: 5.6ms | ActiveRecord: 0.0ms)
    2012-08-13T07:54:01+00:00 heroku[router]: POST guestlist12.herokuapp.com/ dyno=web.1 queue=0 wait=0ms service=72ms status=200 bytes=2425

我需要更改什么以允许帖子在没有 CSRF 令牌的情况下工作?

任何帮助深表感谢!

4

1 回答 1

1

总结评论中的答案,以便从“未回答”过滤器中删除此问题:

[移除]protect_from_forgery [从]应用程序控制器。

~ 每个Amol Pujari 的回答

于 2013-10-09T06:23:01.310 回答