在我的网站的多个部分,我WARNING: Can't verify CSRF token authenticity在我的日志文件中收到,它正在重置我的会话。但是,我有真实性令牌:
Started POST "/check_out/shopping_cart_with_authenticated_user" for 10.189.254.5 at 2013-09-12 11:19:02 -0400
Processing by CheckOutController#shopping_cart_with_authenticated_user as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"rGcLQAR/s7zRNf2WEqkuD7ar8IXs0alt7szJKSfgLio="}
SESSION VARIABLES ARE: {}
WARNING: Can't verify CSRF token authenticity
和这里:
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"N1F53oN1fTv2Ysg/27biH14dDyTtkm2RinAUqSHwGAs=", "user"=>{"email"=>"liz@nsdfsdfsdfsry.com", "password"=>"[FILTERED]"}, "commit"=>"Sign in"}
SESSION VARIABLES ARE: {"current_cart_id"=>55175183, "_csrf_token"=>"HzPm7DHLslbV76wJ3ahCqPkOO4bv5k5CkjKBe3C9WHE=", "flash"=>#<ActionDispatch::Flash::FlashHash:0x00000005f1e028 @used=#<Set: {}>, @closed=false, @flashes={}, @now=#<ActionDispatch::Flash::FlashNow:0x00000005e81570 @flash=#<ActionDispatch::Flash::FlashHash:0x00000005f1e028 ...>>>, "warden.user.user.key"=>["User", [358060], "$2a$12$VcSeYjhwx6JkgERnlN0clu"], "logged_in_by_password"=>true, "user_id"=>358060}
WARNING: Can't verify CSRF token authenticity
这是怎么回事?我正在使用 Rails 生成的表单。这是我正在使用的设计表单的示例:
<%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
<%= token_tag form_authenticity_token %>
<div class="formField"><label for="email">Email <span>example: jane@example.com</span></label>
<%= f.email_field :email, :autofocus => true, :id => "email", :class => "textfield col" %></div>
<div class="formField"><label for="password">Password <span>is cAsE sEnSiTiVe</span></label>
<%= f.password_field :password, :class => "textfield col" %></div>
<div><%= f.submit "Sign in", :disable_with => "Signing in…".html_safe,:id => 'log_in', :class => 'button-red-shiny full-width ' %></div>
<% end %>
== 更新 ==
所以最终我关闭了浏览器并重新打开它,它再次工作......但让我困扰的是这种情况已经多次发生。有谁知道我怎样才能防止它再次发生?