similar to: Invalid authenticity tokens when using subdomains

Hi guys What does the below line says ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken): -e:2:in `load'' -e:2 Please guide me -- Karthik.k Mobile - +91-9894991640

Yo, I''ve got this data POSTing from a Flash App and I need to figure out how this little <%= token_tag %> works so I can give the Flash the proper validation. See, I get this ActionController::InvalidAuthenticityToken because you know, gotta defend those POSTs, but how do I get the toke into my Flash? I''m somewhat new, so if there is some way obvious easier way then let

Hey All, I''m trying to do a simple form_for (and I also get it with form_tag) and I''m getting the following error: ActionView::TemplateError (No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store).) on line #2 of users/new.fbml.erb: 1: <h1>Welcome To Courses, Let''s Get

Does anyone find them useful? I can see them being good in some cases, but I have many exceptions that occur because of expired sessions. I am also not sure if they are really required for pages that require a login to access. The other place that they cause issues is in javascript requests. I am not using the built-in helpers, and all the javascript exists in separate js files. There is ways

Hi! To send the authenticity token from flex back to the server, I followed this: http://blog.dt.org/index.php/2008/06/rails-2-flex-3-and-form-authenticity-tokens/ I have two controllers in my rails app. The method described in the link above works with the actions in one controller, but does not work with the other. The controller which does not work has just one action which performs a file

Hi all. I am trying to find a way to insert an authenticity_token into the params of an Ajax request before it gets sent. I''ve got this much: Ajax.Responders.register({ onLoading: function(req){ if ((req.options.method == ''post'') && ! Object.keys(req.options.parameters).include(''authenticity_token'')){ ---->

Hi all, I''m getting some weird behavior. I''m developing on two machines, one with os x and the other with windows xp. I was testing one of my registration forms and it worked fine when mongrel_rails was run on the windows machine, but when mongrel was run on os x it kept throwing "ActionController::InvalidAuthenticityToken". I realized I had forgotten the <%=

I attached a rails helper implementation of the fb_table described here: http://wiki.developers.facebook.com/index.php/Facebook_Styles I included testing and comments. I hope you find it useful. Curiously, it''s really a small extension of FBML. Richard -------------- next part -------------- Index: test/rails_integration_test.rb

Hi, I was wondering if anybody who used jQuery with rails could help me out. I have a droppable that fires a simple function, shown below: $("#list").droppable({ accept: ".item", hoverClass: ''droppable-hover'', drop: function(ev, ui) { $(this).append("<br>Dropped!"); } }); But how could I get this to fire a Rails funciton in the

Hi- I am trying to use AJAX calls to login and logout of my Rails app so that the form renders in the side bar when you are not logged in, and your "profile" renders if you are. It all works, but when you logout, and try and log back in, you get "ActionController::InvalidAuthenticityToken", in the development.log. What does this mean, I can''t figure out how to fix

I''m going to go out on a limb here and say the new CSRF protection in Rails is flawed. Why? Forget about caching if you care to use it. Consider the following: <% cache do %> <%= link_to_remote "Add To Favorites", :url => {:controller => "favorites", :action => "create", "movie_id" => 2} %> <% end %> # Output <a

Hi, I have a few questions regarding REST and the Authenticity Token. I''m using a RESTful aproach for my small project and everything worked fine untill I wanted to destroy a record. Lets say we have a listing of folder (a folder is just a record) and I want to destroy one by using this link: <%= link_to image_tag(''icons/folder_delete.png''), {:url =>

Hi, I''m having a problem trying to get a login controller working. When I try and post to my login controller I get the following error: ActionController::InvalidAuthenticityToken in LoginController#login login_controller: class LoginController < ApplicationController def login case request.method when :post if @session[''user''] =

When you generate a default Rails app, it puts this in application.html.erb: <%= csrf_meta_tags %> It does this so the remote forms can be submitted--i.e., so JavaScript can submit a form. When jquery-rails is about to submit a form, it looks for the <meta> tags named "csrf-param" and "csrf-token" and from them it constructs a hidden

Getting an odd error in Safari 4: Here''s the auth token that''s output to my javascript: 4HB8yAW4gU2xEavWOc+kiMoj4XIyCBUK/t704aOQ+co= Here''s what''s listed in the parameters: "authenticity_token"=>"4HB8yAW4gU2xEavWOc kiMoj4XIyCBUK/t704aOQ co=" notice: the +''s are being replaced by spaces. This a specific safari issue? I

Hi there, I have my first Rails app running and I regularly get the following "logged_exception" error message: "ActionController::InvalidAuthenticityToken" Has anybody an idea what might cause this problem? Could it somehow be a "time out" error (like an "AuthenticityToken" which might expire after a certain time, or something along those lines)? Any

Maybe I am grasping the full usage of this protect_from_forgery function, but it does not seem to work for me. Imagine the following: A simple website with a user that needs to log in to do certain stuff and a closed off admin section that only certain users can access that have the is_admin field set to true. So to be clear, my User model has a login, password and is_admin. When displaying the

Hi All, I get this strange problem with newly scaffolded apps - I''d really appreciate any help in this regard. /usr/local/lib/ruby/gems/1.9.1/gems/activesupport-2.3.4/lib/ active_support/message_verifier.rb:46:in `block in secure_compare'' /usr/local/lib/ruby/gems/1.9.1/gems/activesupport-2.3.4/lib/ active_support/message_verifier.rb:45:in `each''

Hi, everyone, I''m trying to update the content of a div using link_to_remote and RJS template. Everything works fine if I use the default Prototype/Scriptaculous libraries, but I want to use jRails ''coz other parts of my application use a lot of jQuery. Here are the steps I done: 1. inside StatesController.rb I defined the following action: def update_view # do nothing just

hi, I am using subdomain-fu for creating subdomains . My doubt is how can we give the subdomains in the etc/hosts ,when the sub-domains are dynamicallybeing created. Ex: i created a subdomain called "user1" and i specified this in etc/ hosts file.So eveery time i cant specify the subdomain which is being created.So can i ovecome this problem. -- You received this message because