I''m trying to create a log in in index.html, but I keep getting an error about InvalidAuthenticityToken. I understand this is something that RoR puts in the forms, and it changes regularly. The problem is that the home page in the public folder is html, and therefore static. has anyone else put a log in on their home page? -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Is it a form? Is the index.html in rails root or the webservers root? If its rails you can still use the form helpers or pull in a partial... On Mar 11, 6:24 pm, Paul Reitz <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> I''m trying to create a log in in index.html, but I keep getting an error > about InvalidAuthenticityToken. I understand this is something that RoR > puts in the forms, and it changes regularly. The problem is that the > home page in the public folder is html, and therefore static. has anyone > else put a log in on their home page? > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
@Paul: You need to disable forgery protection on the login action in order to use a static home page. Assuming your login is processed by restful_authentication''s sessions_controller.rb, add this to that class: protect_from_forgery, :except => [:create] That''s it. If that''s unacceptable to you, remove the login form from the homepage and replace it with a link to the login page. Hope that helps!> > On Mar 11, 6:24 pm, Paul Reitz <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > wrote: >> I''m trying to create a log in in index.html, but I keep getting an error >> about InvalidAuthenticityToken. I understand this is something that RoR >> puts in the forms, and it changes regularly. The problem is that the >> home page in the public folder is html, and therefore static. has anyone >> else put a log in on their home page? >> -- >> Posted viahttp://www.ruby-forum.com/. > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Thanks for the replies. @Brian, that worked - thank you :) -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
you also can set forgery protection to false In rails 2, it is true by default. Set in environment file config.action_controller.allow_forgery_protection = false On Mar 12, 8:54 am, Paul Reitz <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Thanks for the replies. @Brian, that worked - thank you :) > > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
@seja: Yeah but that''s for the entire app, and it''s not a good idea to disable it for the entire ap. On Thu, Mar 12, 2009 at 2:35 AM, seja <seja83-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > you also can set forgery protection to false > In rails 2, it is true by default. > > Set in environment file > > config.action_controller.allow_forgery_protection = false > > On Mar 12, 8:54 am, Paul Reitz <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > wrote: >> Thanks for the replies. @Brian, that worked - thank you :) >> >> -- >> Posted viahttp://www.ruby-forum.com/. > > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Possibly Parallel Threads
- [HELP]No :secret given to the #protect_from_forgery call
- InvalidAuthenticityToken problems with my login form
- Upgrade to 2.0.2: InvalidAuthenticityToken error on 1st POST
- Turning off InvalidAuthenticityToken for a RESTful Service
- Help with authentication errors