我ActionController::InvalidAuthenticityToken大约每 30 分钟就会在生产中遇到随机异常。/由于自定义设计路线(来自本教程) ,设计的 RegistrationsController 会接收 POST 请求。
用 at/signup完美注册(没有InvalidAuthenticityToken错误),但在生产中,我猜有刮板或爬虫设置它...
设计路线:
devise_for :users, path: '', path_names: { sign_in: 'login', sign_up: 'signup', sign_out: 'logout' }, controllers: { registrations: "registrations" }
Rails 日志反馈:
I, [2017-06-07T13:18:09.487414 #14257] INFO -- : [01348d04-903a-4abe-8dba-2e3a96d93cca] Started POST "/" for 75.70.12.156 at 2017-06-07 13:18:09 +0800
I, [2017-06-07T13:18:09.496505 #14257] INFO -- : [01348d04-903a-4abe-8dba-2e3a96d93cca] Processing by RegistrationsController#create as HTML
I, [2017-06-07T13:18:09.497071 #14257] INFO -- : [01348d04-903a-4abe-8dba-2e3a96d93cca] Parameters: {"R/RckN2abHl7WVLGyedzqkdm2km4dWEYCEoWaa3k/f9d0aGuBa0YDqXOzArCAHfq1aehtv9mc0R8sJ0t0Q Qwd7J3jbKqDB1bKYlm t7ll6MN7hYni htSDFKgoj2q7m0kkLJs8AizoJ/kFqXVCY98EmXVO jU/ bc5wHzQ7UdpUmV2NHEgB4379MO4/QmdfKDDE URJuEkMKE1b2TSTyX5ewV1Hadj22jZlrIORb2AmXICUx0 5PXlkzFYymzBzrQgQtzBGjWA9scNRAzW0KcJyGm8H3 YZuwN86Js7XhR8FI92jDlcYTGjP/bRA8awf HwpyuKpCR/Ctw5ml8xRR9e6P7JhiE/Zrr3d9lpcHdYV4vNIj8XeUT7DDvAxNNx/Y4JQfU4MvmUK2Xcc7/obvKZjMRJBRR4fLnEzS5HHGNxsTn7VQg"=>""}
W, [2017-06-07T13:18:09.500231 #14257] WARN -- : [01348d04-903a-4abe-8dba-2e3a96d93cca] Can't verify CSRF token authenticity.
I, [2017-06-07T13:18:09.505638 #14257] INFO -- : [01348d04-903a-4abe-8dba-2e3a96d93cca] Completed 422 Unprocessable Entity in 8ms (ActiveRecord: 0.0ms)
F, [2017-06-07T13:18:09.514144 #14257] FATAL -- : [01348d04-903a-4abe-8dba-2e3a96d93cca]
F, [2017-06-07T13:18:09.514690 #14257] FATAL -- : [01348d04-903a-4abe-8dba-2e3a96d93cca] ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
F, [2017-06-07T13:18:09.514921 #14257] FATAL -- : [01348d04-903a-4abe-8dba-2e3a96d93cca]
F, [2017-06-07T13:18:09.515247 #14257] FATAL -- : [01348d04-903a-4abe-8dba-2e3a96d93cca] actionpack (5.0.1) lib/action_controller/metal/request_forgery_protection.rb:195:in `handle_unverified_request'
有没有办法来解决这个问题?
谢谢