thr3ads.net - Rails - protect_from_forgery development mode [Oct 2009]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

John van Dijk

2009-Oct-09 13:44 UTC

protect_from_forgery development mode

Should this be working in development mode?
For some reason it doesn''t.

regards, John

Rick

2009-Oct-09 23:40 UTC

head link

Re: protect_from_forgery development mode

It''s working with Ruby1.9.1p243/Rails2.3.4.
Check config/environments/development.rb and make sure you don''t have
"config.action_controller.allow_forgery_protection = false" in there.

Add protect_from_forgery to ApplicationController and you should see a
<input type="hidden" name="authenticity_token"
value="........./> on
your POST pages.

On Oct 9, 9:44 am, John van Dijk
<rubyli...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> Should this be working in development mode?
> For some reason it doesn''t.
>
> regards, John

Apparently Analagous Threads

protect_from_forgery doesnt protect from forgery
[HELP]No :secret given to the #protect_from_forgery call
rspec-rails how to selectively turn on csrf protection for controller specs?
protect_from_forgery with db-session (Rails 2.3.2)
undefined method `protect_against_forgery?' for #<ActionView

Search for more possibly parallel threads

Rails - Oct 2009 - protect_from_forgery development mode

protect_from_forgery development mode

Re: protect_from_forgery development mode

Apparently Analagous Threads