3

我从 Rails 3 升级到 Rails4,现在我在生产中随机收到 InvalidAuthenticityToken 错误,仅针对不同的操作。我尝试过,但我无法重现它。params 哈希包含真实性令牌。

Parameters : {"utf8"=>"✓", "authenticity_token"=>"26+QxdF3aHveYkibn9DJ8Hgz6mUna2v8MOp1bnM78cg=", "session"=>{"email"=>"abc@xyz.com", "password"=>"[FILTERED]"}, "commit"=>"Sign In", "action"=>"create", "controller"=>"sessions"}

Parameters : {"_method"=>"delete", "authenticity_token"=>"uafnPb4DjEJuW9YCTP9UB5tXyGlKbZh6uXlc6MVIoG8=", "controller"=>"sessions", "action"=>"destroy"}

Parameters : {"utf8"=>"✓", "authenticity_token"=>"Nhp4VNI9XJS7yqGRgGewOJ3ilkZSwMhmceXoOsoL/fw=", "volunteer_record"=>{"activity"=>"OTHER", "note"=>"Tuned the Melody Harp -- a tricky little beast....", "hh"=>"", "mm"=>"30"}, "commit"=>"Save", "action"=>"create", "controller"=>"volunteer_records"}

任何有关如何解决此问题的线索将不胜感激。protect_from_forgery设置with: :exception为。

4

1 回答 1

1

使用

protect_from_forgery: :reset_session

为我工作。这是 Rails 3 中的默认设置。

于 2013-11-08T16:56:56.043 回答