This appears to be some kind of routing issue since facebook wraps
everything in a post... so here''s what I''m doing:
<% form_for :article, :url => { :action => "update", :id
=> @article }
do |f| %>
<%= render :partial => "form", :locals => { :f => f }
%>
<% end -%>
renders:
<form action="/myapp/articles/7" method="post">
....
</form>
The form comes up populated with the model data, but I submit though I get:
Unknown action
No action responded to 7
In the rake routes the "update" requires a HTTP "put" so
I''m wondering
if that is causing the problem.
thanks
Try something like this:
form_for :article, :url => { :action => "update", :id =>
@article }, :html => { :method => :put } do |f|
That should give you the ''PUT'' method.
On Sep 17, 2008, at 11:09 PM, Allen Walker wrote:
> This appears to be some kind of routing issue since facebook wraps
> everything in a post... so here''s what I''m doing:
>
> <% form_for :article, :url => { :action => "update", :id
=>
> @article } do |f|
> %> <%=
> render :partial => "form", :locals => { :f => f } %>
> <% end -%>
> renders:
>
> <form action="/myapp/articles/7" method="post">
>
> ....
> </form>
> The form comes up populated with the model data, but I submit though
> I get:
>
>
> Unknown action
>
> No action responded to 7
>
>
>
> In the rake routes the "update" requires a HTTP "put"
so I''m
> wondering if that is causing the problem.
>
> thanks
> _______________________________________________
> Facebooker-talk mailing list
> Facebooker-talk at rubyforge.org
> http://rubyforge.org/mailman/listinfo/facebooker-talk
Thanks, that worked. Tres Wong-Godfrey wrote:> > Try something like this: > form_for :article, :url => { :action => "update", :id => @article }, > :html => { :method => :put } do |f| > > That should give you the ''PUT'' method. > > > On Sep 17, 2008, at 11:09 PM, Allen Walker wrote: > >> This appears to be some kind of routing issue since facebook wraps >> everything in a post... so here''s what I''m doing: >> >> <% form_for :article, :url => { :action => "update", :id => @article >> } do |f| %> <%= >> render :partial => "form", :locals => { :f => f } %> >> <% end -%> >> renders: >> >> <form action="/myapp/articles/7" method="post"> >> >> .... >> </form> >> The form comes up populated with the model data, but I submit though >> I get: >> >> >> Unknown action >> >> No action responded to 7 >> >> >> >> In the rake routes the "update" requires a HTTP "put" so I''m >> wondering if that is causing the problem. >> >> thanks >> _______________________________________________ >> Facebooker-talk mailing list >> Facebooker-talk at rubyforge.org >> http://rubyforge.org/mailman/listinfo/facebooker-talk > >
I''m now trying to do a "destroy". I do this:
<%=link_to("Delete", url_for(:controller =>
"articles", :action =>
"destroy", :id => article, :_method => :delete), :confirm =>
''Are you
sure?'' )%>
When i execute it, i get:
ActionController::InvalidAuthenticityToken in ArticlesController#destroy
ActionController::InvalidAuthenticityToken
If I comment out "protect_from_forgery :secret =>
''xx''" in application.rb I get when i just try to view the
page:
ActionView::TemplateError (No :secret given to the #protect_from_forgery call.
Set that or use a session store capable of generating its own keys (Cookie
Session Store).)
Tres Wong-Godfrey wrote:>
> Try something like this:
> form_for :article, :url => { :action => "update", :id
=> @article },
> :html => { :method => :put } do |f|
>
> That should give you the ''PUT'' method.
>
>
> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote:
>
>> This appears to be some kind of routing issue since facebook wraps
>> everything in a post... so here''s what I''m doing:
>>
>> <% form_for :article, :url => { :action => "update",
:id => @article
>> } do |f| %>
<%=
>> render :partial => "form", :locals => { :f => f }
%>
>> <% end -%>
>> renders:
>>
>> <form action="/myapp/articles/7"
method="post">
>>
>> ....
>> </form>
>> The form comes up populated with the model data, but I submit though
>> I get:
>>
>>
>> Unknown action
>>
>> No action responded to 7
>>
>>
>>
>> In the rake routes the "update" requires a HTTP
"put" so I''m
>> wondering if that is causing the problem.
>>
>> thanks
>> _______________________________________________
>> Facebooker-talk mailing list
>> Facebooker-talk at rubyforge.org
>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>
>
Usually you see the InvalidAuthenticityToken when stuff is being posted directly back to your server when you didn''t really want to be. You''d need a :canvas => true in your url generation function in order to avoid that kind of problem. I''d really recommend checking out Mike''s book http://pragprog.com/titles/mmfacer/developing-facebook-platform-applications-with-rails It''s not on paper yet, but you can get the PDF version right now. It''s well worth the cost -- it will get you up and running faster and with less frustration than the oft conflicting tutorials that are out there. On Sep 18, 2008, at 12:09 AM, Allen Walker wrote:> I''m now trying to do a "destroy". I do this: > > <%=link_to("Delete", url_for(:controller => "articles", :action => > "destroy", :id => article, :_method => :delete), :confirm => ''Are > you sure?'' )%> > When i execute it, i get: > > > ActionController::InvalidAuthenticityToken in > ArticlesController#destroy > > ActionController::InvalidAuthenticityToken > > > If I comment out "protect_from_forgery :secret => ''xx''" in > application.rb I get when i just try to view the page: > > ActionView::TemplateError (No :secret given to the > #protect_from_forgery call. Set that or use a session store capable > of generating its own keys (Cookie Session Store).) > > > > > Tres Wong-Godfrey wrote: >> >> Try something like this: >> form_for :article, :url => { :action => "update", :id => >> @article }, :html => { :method => :put } do |f| >> >> That should give you the ''PUT'' method. >> >> >> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote: >> >>> This appears to be some kind of routing issue since facebook wraps >>> everything in a post... so here''s what I''m doing: >>> >>> <% form_for :article, :url => { :action => "update", :id => >>> @article } do |f| >>> %> <%= >>> render :partial => "form", :locals => { :f => f } %> >>> <% end -%> >>> renders: >>> >>> <form action="/myapp/articles/7" method="post"> >>> >>> .... >>> </form> >>> The form comes up populated with the model data, but I submit >>> though I get: >>> >>> >>> Unknown action >>> >>> No action responded to 7 >>> >>> >>> >>> In the rake routes the "update" requires a HTTP "put" so I''m >>> wondering if that is causing the problem. >>> >>> thanks >>> _______________________________________________ >>> Facebooker-talk mailing list >>> Facebooker-talk at rubyforge.org >>> http://rubyforge.org/mailman/listinfo/facebooker-talk >> >> > > _______________________________________________ > Facebooker-talk mailing list > Facebooker-talk at rubyforge.org > http://rubyforge.org/mailman/listinfo/facebooker-talk
Yeah that didn''t work:
<%=link_to("Delete", url_for(:controller =>
"articles", :action =>
"destroy", :id => a\rticle, :_method => :delete,
:canvas=>true),
:confirm => ''Are you sure?'' )%>
Still get:
ActionController::InvalidAuthenticityToken in ArticlesController#destroy
ActionController::InvalidAuthenticityToken
In a form there is a hidden field for the token - autogenerated. In
the link_to there isn''t.
And yes I own both the pdf and the book that hasn''t been released ;)
On Thu, Sep 18, 2008 at 2:49 AM, Tres Wong-Godfrey
<tres.wong-godfrey at saniq.com> wrote:>
> Usually you see the InvalidAuthenticityToken when stuff is being posted
directly back to your server when you didn''t really want to be.
You''d need a :canvas => true in your url generation function in
order to avoid that kind of problem.
>
>
> I''d really recommend checking out Mike''s book
http://pragprog.com/titles/mmfacer/developing-facebook-platform-applications-with-rails
>
> It''s not on paper yet, but you can get the PDF version right now.
>
> It''s well worth the cost -- it will get you up and running faster
and with less frustration than the oft conflicting tutorials that are out there.
>
>
>
>
> On Sep 18, 2008, at 12:09 AM, Allen Walker wrote:
>
>> I''m now trying to do a "destroy". I do this:
>>
>> <%=link_to("Delete", url_for(:controller =>
"articles", :action => "destroy", :id => article,
:_method => :delete), :confirm => ''Are you sure?''
)%>
>> When i execute it, i get:
>>
>>
>> ActionController::InvalidAuthenticityToken in
ArticlesController#destroy
>>
>> ActionController::InvalidAuthenticityToken
>>
>>
>> If I comment out "protect_from_forgery :secret =>
''xx''" in application.rb I get when i just try to view the
page:
>>
>> ActionView::TemplateError (No :secret given to the
#protect_from_forgery call. Set that or use a session store capable of
generating its own keys (Cookie Session Store).)
>>
>>
>>
>>
>> Tres Wong-Godfrey wrote:
>>>
>>> Try something like this:
>>> form_for :article, :url => { :action => "update",
:id => @article }, :html => { :method => :put } do |f|
>>>
>>> That should give you the ''PUT'' method.
>>>
>>>
>>> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote:
>>>
>>>> This appears to be some kind of routing issue since facebook
wraps everything in a post... so here''s what I''m doing:
>>>>
>>>> <% form_for :article, :url => { :action =>
"update", :id => @article } do |f| %>
<%= render :partial => "form", :locals => { :f => f }
%>
>>>> <% end -%>
>>>> renders:
>>>>
>>>> <form action="/myapp/articles/7"
method="post">
>>>>
>>>> ....
>>>> </form>
>>>> The form comes up populated with the model data, but I submit
though I get:
>>>>
>>>>
>>>> Unknown action
>>>>
>>>> No action responded to 7
>>>>
>>>>
>>>>
>>>> In the rake routes the "update" requires a HTTP
"put" so I''m wondering if that is causing the problem.
>>>>
>>>> thanks
>>>> _______________________________________________
>>>> Facebooker-talk mailing list
>>>> Facebooker-talk at rubyforge.org
>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>>>
>>>
>>
>> _______________________________________________
>> Facebooker-talk mailing list
>> Facebooker-talk at rubyforge.org
>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>
--
http://auswalk.blogspot.com
If you''re using RESTful routes anyway, you could just try something like this: link_to "Delete", article_path(article, :canvas => true), :confirm => "Are you sure?", :method => :delete Peep Code has a nice and free cheat sheet for Rails RESTful resource routes. On Sep 18, 2008, at 12:58 AM, Allen Walker wrote:> Yeah that didn''t work: > > <%=link_to("Delete", url_for(:controller => "articles", :action => > "destroy", :id => a\rticle, :_method => :delete, :canvas=>true), > :confirm => ''Are you sure?'' )%> > > Still get: > > ActionController::InvalidAuthenticityToken in > ArticlesController#destroy > > ActionController::InvalidAuthenticityToken > > In a form there is a hidden field for the token - autogenerated. In > the link_to there isn''t. > > And yes I own both the pdf and the book that hasn''t been released ;) > > On Thu, Sep 18, 2008 at 2:49 AM, Tres Wong-Godfrey > <tres.wong-godfrey at saniq.com> wrote: >> >> Usually you see the InvalidAuthenticityToken when stuff is being >> posted directly back to your server when you didn''t really want to >> be. You''d need a :canvas => true in your url generation function in >> order to avoid that kind of problem. >> >> >> I''d really recommend checking out Mike''s book http://pragprog.com/titles/mmfacer/developing-facebook-platform-applications-with-rails >> >> It''s not on paper yet, but you can get the PDF version right now. >> >> It''s well worth the cost -- it will get you up and running faster >> and with less frustration than the oft conflicting tutorials that >> are out there. >> >> >> >> >> On Sep 18, 2008, at 12:09 AM, Allen Walker wrote: >> >>> I''m now trying to do a "destroy". I do this: >>> >>> <%=link_to("Delete", url_for(:controller => "articles", :action => >>> "destroy", :id => article, :_method => :delete), :confirm => ''Are >>> you sure?'' )%> >>> When i execute it, i get: >>> >>> >>> ActionController::InvalidAuthenticityToken in >>> ArticlesController#destroy >>> >>> ActionController::InvalidAuthenticityToken >>> >>> >>> If I comment out "protect_from_forgery :secret => ''xx''" in >>> application.rb I get when i just try to view the page: >>> >>> ActionView::TemplateError (No :secret given to the >>> #protect_from_forgery call. Set that or use a session store >>> capable of generating its own keys (Cookie Session Store).) >>> >>> >>> >>> >>> Tres Wong-Godfrey wrote: >>>> >>>> Try something like this: >>>> form_for :article, :url => { :action => "update", :id => >>>> @article }, :html => { :method => :put } do |f| >>>> >>>> That should give you the ''PUT'' method. >>>> >>>> >>>> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote: >>>> >>>>> This appears to be some kind of routing issue since facebook >>>>> wraps everything in a post... so here''s what I''m doing: >>>>> >>>>> <% form_for :article, :url => { :action => "update", :id => >>>>> @article } do |f| >>>>> %> <%= >>>>> render :partial => "form", :locals => { :f => f } %> >>>>> <% end -%> >>>>> renders: >>>>> >>>>> <form action="/myapp/articles/7" method="post"> >>>>> >>>>> .... >>>>> </form> >>>>> The form comes up populated with the model data, but I submit >>>>> though I get: >>>>> >>>>> >>>>> Unknown action >>>>> >>>>> No action responded to 7 >>>>> >>>>> >>>>> >>>>> In the rake routes the "update" requires a HTTP "put" so I''m >>>>> wondering if that is causing the problem. >>>>> >>>>> thanks >>>>> _______________________________________________ >>>>> Facebooker-talk mailing list >>>>> Facebooker-talk at rubyforge.org >>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk >>>> >>>> >>> >>> _______________________________________________ >>> Facebooker-talk mailing list >>> Facebooker-talk at rubyforge.org >>> http://rubyforge.org/mailman/listinfo/facebooker-talk >> > > > > -- > http://auswalk.blogspot.com > _______________________________________________ > Facebooker-talk mailing list > Facebooker-talk at rubyforge.org > http://rubyforge.org/mailman/listinfo/facebooker-talk
Thanks for help, and it appears what you say is correct --- but inside
the facebook canvas it still thinks it''s a show.. i.e it''s
going to
/articles/:id and showing calling the show action.. even though i''m
specifying the method as ''delete'' here.
here''s what i have explicitly:
%=link_to("Delete", article_path(article, :canvas=>true), :confirm
=>
''Are you sure?'', :method => :delete )%>
and here''s what''s generated :
<a href="/myapp/articles/8" onclick="if (confirm(''Are
you sure?'')) {
var f = document.createElement(''form''); f.style.display =
''none'';
this.parentNode.appendChild(f); f.method = ''POST''; f.action
this.href;var m = document.createElement(''input'');
m.setAttribute(''type'', ''hidden'');
m.setAttribute(''name'', ''_method'');
m.setAttribute(''value'', ''delete'');
f.appendChild(m);var s document.createElement(''input'');
s.setAttribute(''type'', ''hidden'');
s.setAttribute(''name'',
''authenticity_token'');
s.setAttribute(''value'',
''a9e1ed669f4a390352730472ad789405b55fa9c8'');
f.appendChild(s);f.submit(); };return false;">Delete</a>
Strangely it never even asks me "Are you sure?"
On Thu, Sep 18, 2008 at 3:10 AM, Tres Wong-Godfrey
<tres.wong-godfrey at saniq.com> wrote:>
> If you''re using RESTful routes anyway, you could just try
something like
> this:
>
> link_to "Delete", article_path(article, :canvas => true),
:confirm => "Are
> you sure?", :method => :delete
>
> Peep Code has a nice and free cheat sheet for Rails RESTful resource
routes.
>
>
>
> On Sep 18, 2008, at 12:58 AM, Allen Walker wrote:
>
>> Yeah that didn''t work:
>>
>> <%=link_to("Delete", url_for(:controller =>
"articles", :action =>
>> "destroy", :id => a\rticle, :_method => :delete,
:canvas=>true),
>> :confirm => ''Are you sure?'' )%>
>>
>> Still get:
>>
>> ActionController::InvalidAuthenticityToken in
ArticlesController#destroy
>>
>> ActionController::InvalidAuthenticityToken
>>
>> In a form there is a hidden field for the token - autogenerated. In
>> the link_to there isn''t.
>>
>> And yes I own both the pdf and the book that hasn''t been
released ;)
>>
>> On Thu, Sep 18, 2008 at 2:49 AM, Tres Wong-Godfrey
>> <tres.wong-godfrey at saniq.com> wrote:
>>>
>>> Usually you see the InvalidAuthenticityToken when stuff is being
posted
>>> directly back to your server when you didn''t really want
to be. You''d need a
>>> :canvas => true in your url generation function in order to
avoid that kind
>>> of problem.
>>>
>>>
>>> I''d really recommend checking out Mike''s book
>>>
http://pragprog.com/titles/mmfacer/developing-facebook-platform-applications-with-rails
>>>
>>> It''s not on paper yet, but you can get the PDF version
right now.
>>>
>>> It''s well worth the cost -- it will get you up and running
faster and
>>> with less frustration than the oft conflicting tutorials that are
out there.
>>>
>>>
>>>
>>>
>>> On Sep 18, 2008, at 12:09 AM, Allen Walker wrote:
>>>
>>>> I''m now trying to do a "destroy". I do this:
>>>>
>>>> <%=link_to("Delete", url_for(:controller =>
"articles", :action =>
>>>> "destroy", :id => article, :_method =>
:delete), :confirm => ''Are you
>>>> sure?'' )%>
>>>> When i execute it, i get:
>>>>
>>>>
>>>> ActionController::InvalidAuthenticityToken in
ArticlesController#destroy
>>>>
>>>> ActionController::InvalidAuthenticityToken
>>>>
>>>>
>>>> If I comment out "protect_from_forgery :secret =>
''xx''" in
>>>> application.rb I get when i just try to view the page:
>>>>
>>>> ActionView::TemplateError (No :secret given to the
#protect_from_forgery
>>>> call. Set that or use a session store capable of generating
its own keys
>>>> (Cookie Session Store).)
>>>>
>>>>
>>>>
>>>>
>>>> Tres Wong-Godfrey wrote:
>>>>>
>>>>> Try something like this:
>>>>> form_for :article, :url => { :action =>
"update", :id => @article },
>>>>> :html => { :method => :put } do |f|
>>>>>
>>>>> That should give you the ''PUT'' method.
>>>>>
>>>>>
>>>>> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote:
>>>>>
>>>>>> This appears to be some kind of routing issue since
facebook wraps
>>>>>> everything in a post... so here''s what
I''m doing:
>>>>>>
>>>>>> <% form_for :article, :url => { :action =>
"update", :id => @article }
>>>>>> do |f| %>
<%= render
>>>>>> :partial => "form", :locals => { :f
=> f } %>
>>>>>> <% end -%>
>>>>>> renders:
>>>>>>
>>>>>> <form action="/myapp/articles/7"
method="post">
>>>>>>
>>>>>> ....
>>>>>> </form>
>>>>>> The form comes up populated with the model data, but I
submit though I
>>>>>> get:
>>>>>>
>>>>>>
>>>>>> Unknown action
>>>>>>
>>>>>> No action responded to 7
>>>>>>
>>>>>>
>>>>>>
>>>>>> In the rake routes the "update" requires a
HTTP "put" so I''m wondering
>>>>>> if that is causing the problem.
>>>>>>
>>>>>> thanks
>>>>>> _______________________________________________
>>>>>> Facebooker-talk mailing list
>>>>>> Facebooker-talk at rubyforge.org
>>>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Facebooker-talk mailing list
>>>> Facebooker-talk at rubyforge.org
>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>>>
>>
>>
>>
>> --
>> http://auswalk.blogspot.com
>> _______________________________________________
>> Facebooker-talk mailing list
>> Facebooker-talk at rubyforge.org
>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>
>
--
http://auswalk.blogspot.com
Facebook filters confirm() from javascript, so that makes sense. I''m sorry I didn''t think about that before. I''ve personally had problems getting remote_link_to and link_to working the way I''d like using RESTful routes in Facebook. It''s been easier just to define a dedicated named route with a :method => :any for what I needed done, or use a form. It''s one of those things like FBJS -- you have to change the way you''d normally do things in order to accommodate Facebook''s rules. On Sep 18, 2008, at 1:38 AM, Allen Walker wrote:> Thanks for help, and it appears what you say is correct --- but inside > the facebook canvas it still thinks it''s a show.. i.e it''s going to > /articles/:id and showing calling the show action.. even though i''m > specifying the method as ''delete'' here. > > here''s what i have explicitly: > > %=link_to("Delete", article_path(article, :canvas=>true), :confirm => > ''Are you sure?'', :method => :delete )%> > > and here''s what''s generated : > > <a href="/myapp/articles/8" onclick="if (confirm(''Are you sure?'')) { > var f = document.createElement(''form''); f.style.display = ''none''; > this.parentNode.appendChild(f); f.method = ''POST''; f.action > this.href;var m = document.createElement(''input''); > m.setAttribute(''type'', ''hidden''); m.setAttribute(''name'', ''_method''); > m.setAttribute(''value'', ''delete''); f.appendChild(m);var s > document.createElement(''input''); s.setAttribute(''type'', ''hidden''); > s.setAttribute(''name'', ''authenticity_token''); s.setAttribute(''value'', > ''a9e1ed669f4a390352730472ad789405b55fa9c8''); > f.appendChild(s);f.submit(); };return false;">Delete</a> > > > Strangely it never even asks me "Are you sure?" > > On Thu, Sep 18, 2008 at 3:10 AM, Tres Wong-Godfrey > <tres.wong-godfrey at saniq.com> wrote: >> >> If you''re using RESTful routes anyway, you could just try something >> like >> this: >> >> link_to "Delete", article_path(article, :canvas => true), :confirm >> => "Are >> you sure?", :method => :delete >> >> Peep Code has a nice and free cheat sheet for Rails RESTful >> resource routes. >> >> >> >> On Sep 18, 2008, at 12:58 AM, Allen Walker wrote: >> >>> Yeah that didn''t work: >>> >>> <%=link_to("Delete", url_for(:controller => "articles", :action => >>> "destroy", :id => a\rticle, :_method => :delete, :canvas=>true), >>> :confirm => ''Are you sure?'' )%> >>> >>> Still get: >>> >>> ActionController::InvalidAuthenticityToken in >>> ArticlesController#destroy >>> >>> ActionController::InvalidAuthenticityToken >>> >>> In a form there is a hidden field for the token - autogenerated. In >>> the link_to there isn''t. >>> >>> And yes I own both the pdf and the book that hasn''t been released ;) >>> >>> On Thu, Sep 18, 2008 at 2:49 AM, Tres Wong-Godfrey >>> <tres.wong-godfrey at saniq.com> wrote: >>>> >>>> Usually you see the InvalidAuthenticityToken when stuff is being >>>> posted >>>> directly back to your server when you didn''t really want to be. >>>> You''d need a >>>> :canvas => true in your url generation function in order to avoid >>>> that kind >>>> of problem. >>>> >>>> >>>> I''d really recommend checking out Mike''s book >>>> http://pragprog.com/titles/mmfacer/developing-facebook-platform-applications-with-rails >>>> >>>> It''s not on paper yet, but you can get the PDF version right now. >>>> >>>> It''s well worth the cost -- it will get you up and running faster >>>> and >>>> with less frustration than the oft conflicting tutorials that are >>>> out there. >>>> >>>> >>>> >>>> >>>> On Sep 18, 2008, at 12:09 AM, Allen Walker wrote: >>>> >>>>> I''m now trying to do a "destroy". I do this: >>>>> >>>>> <%=link_to("Delete", url_for(:controller => "articles", :action => >>>>> "destroy", :id => article, :_method => :delete), :confirm => >>>>> ''Are you >>>>> sure?'' )%> >>>>> When i execute it, i get: >>>>> >>>>> >>>>> ActionController::InvalidAuthenticityToken in >>>>> ArticlesController#destroy >>>>> >>>>> ActionController::InvalidAuthenticityToken >>>>> >>>>> >>>>> If I comment out "protect_from_forgery :secret => ''xx''" in >>>>> application.rb I get when i just try to view the page: >>>>> >>>>> ActionView::TemplateError (No :secret given to the >>>>> #protect_from_forgery >>>>> call. Set that or use a session store capable of generating its >>>>> own keys >>>>> (Cookie Session Store).) >>>>> >>>>> >>>>> >>>>> >>>>> Tres Wong-Godfrey wrote: >>>>>> >>>>>> Try something like this: >>>>>> form_for :article, :url => { :action => "update", :id => >>>>>> @article }, >>>>>> :html => { :method => :put } do |f| >>>>>> >>>>>> That should give you the ''PUT'' method. >>>>>> >>>>>> >>>>>> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote: >>>>>> >>>>>>> This appears to be some kind of routing issue since facebook >>>>>>> wraps >>>>>>> everything in a post... so here''s what I''m doing: >>>>>>> >>>>>>> <% form_for :article, :url => { :action => "update", :id => >>>>>>> @article } >>>>>>> do |f| %> < >>>>>>> %= render >>>>>>> :partial => "form", :locals => { :f => f } %> >>>>>>> <% end -%> >>>>>>> renders: >>>>>>> >>>>>>> <form action="/myapp/articles/7" method="post"> >>>>>>> >>>>>>> .... >>>>>>> </form> >>>>>>> The form comes up populated with the model data, but I submit >>>>>>> though I >>>>>>> get: >>>>>>> >>>>>>> >>>>>>> Unknown action >>>>>>> >>>>>>> No action responded to 7 >>>>>>> >>>>>>> >>>>>>> >>>>>>> In the rake routes the "update" requires a HTTP "put" so I''m >>>>>>> wondering >>>>>>> if that is causing the problem. >>>>>>> >>>>>>> thanks >>>>>>> _______________________________________________ >>>>>>> Facebooker-talk mailing list >>>>>>> Facebooker-talk at rubyforge.org >>>>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Facebooker-talk mailing list >>>>> Facebooker-talk at rubyforge.org >>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk >>>> >>> >>> >>> >>> -- >>> http://auswalk.blogspot.com >>> _______________________________________________ >>> Facebooker-talk mailing list >>> Facebooker-talk at rubyforge.org >>> http://rubyforge.org/mailman/listinfo/facebooker-talk >> >> > > > > -- > http://auswalk.blogspot.com > _______________________________________________ > Facebooker-talk mailing list > Facebooker-talk at rubyforge.org > http://rubyforge.org/mailman/listinfo/facebooker-talk
On Sep 18, 2008, at 4:38 AM, Allen Walker wrote:> Thanks for help, and it appears what you say is correct --- but inside > the facebook canvas it still thinks it''s a show.. i.e it''s going to > /articles/:id and showing calling the show action.. even though i''m > specifying the method as ''delete'' here. > > here''s what i have explicitly: > > %=link_to("Delete", article_path(article, :canvas=>true), :confirm => > ''Are you sure?'', :method => :delete )%> >This isn''t going to work. Unfortunately, Rails makes this work by using javascript to create a form inline using JavaScript. That same javascript won''t run under Facebook. You can use a button_to which actually creates a real form (I believe) You can probably get the button styled to look like a link as well. I''d love to have a workaround for this, but I haven''t figured one out yet. Mike> and here''s what''s generated : > > <a href="/myapp/articles/8" onclick="if (confirm(''Are you sure?'')) { > var f = document.createElement(''form''); f.style.display = ''none''; > this.parentNode.appendChild(f); f.method = ''POST''; f.action > this.href;var m = document.createElement(''input''); > m.setAttribute(''type'', ''hidden''); m.setAttribute(''name'', ''_method''); > m.setAttribute(''value'', ''delete''); f.appendChild(m);var s > document.createElement(''input''); s.setAttribute(''type'', ''hidden''); > s.setAttribute(''name'', ''authenticity_token''); s.setAttribute(''value'', > ''a9e1ed669f4a390352730472ad789405b55fa9c8''); > f.appendChild(s);f.submit(); };return false;">Delete</a> > > > Strangely it never even asks me "Are you sure?" > > On Thu, Sep 18, 2008 at 3:10 AM, Tres Wong-Godfrey > <tres.wong-godfrey at saniq.com> wrote: >> >> If you''re using RESTful routes anyway, you could just try something >> like >> this: >> >> link_to "Delete", article_path(article, :canvas => true), :confirm >> => "Are >> you sure?", :method => :delete >> >> Peep Code has a nice and free cheat sheet for Rails RESTful >> resource routes. >> >> >> >> On Sep 18, 2008, at 12:58 AM, Allen Walker wrote: >> >>> Yeah that didn''t work: >>> >>> <%=link_to("Delete", url_for(:controller => "articles", :action => >>> "destroy", :id => a\rticle, :_method => :delete, :canvas=>true), >>> :confirm => ''Are you sure?'' )%> >>> >>> Still get: >>> >>> ActionController::InvalidAuthenticityToken in >>> ArticlesController#destroy >>> >>> ActionController::InvalidAuthenticityToken >>> >>> In a form there is a hidden field for the token - autogenerated. In >>> the link_to there isn''t. >>> >>> And yes I own both the pdf and the book that hasn''t been released ;) >>> >>> On Thu, Sep 18, 2008 at 2:49 AM, Tres Wong-Godfrey >>> <tres.wong-godfrey at saniq.com> wrote: >>>> >>>> Usually you see the InvalidAuthenticityToken when stuff is being >>>> posted >>>> directly back to your server when you didn''t really want to be. >>>> You''d need a >>>> :canvas => true in your url generation function in order to avoid >>>> that kind >>>> of problem. >>>> >>>> >>>> I''d really recommend checking out Mike''s book >>>> http://pragprog.com/titles/mmfacer/developing-facebook-platform-applications-with-rails >>>> >>>> It''s not on paper yet, but you can get the PDF version right now. >>>> >>>> It''s well worth the cost -- it will get you up and running faster >>>> and >>>> with less frustration than the oft conflicting tutorials that are >>>> out there. >>>> >>>> >>>> >>>> >>>> On Sep 18, 2008, at 12:09 AM, Allen Walker wrote: >>>> >>>>> I''m now trying to do a "destroy". I do this: >>>>> >>>>> <%=link_to("Delete", url_for(:controller => "articles", :action => >>>>> "destroy", :id => article, :_method => :delete), :confirm => >>>>> ''Are you >>>>> sure?'' )%> >>>>> When i execute it, i get: >>>>> >>>>> >>>>> ActionController::InvalidAuthenticityToken in >>>>> ArticlesController#destroy >>>>> >>>>> ActionController::InvalidAuthenticityToken >>>>> >>>>> >>>>> If I comment out "protect_from_forgery :secret => ''xx''" in >>>>> application.rb I get when i just try to view the page: >>>>> >>>>> ActionView::TemplateError (No :secret given to the >>>>> #protect_from_forgery >>>>> call. Set that or use a session store capable of generating its >>>>> own keys >>>>> (Cookie Session Store).) >>>>> >>>>> >>>>> >>>>> >>>>> Tres Wong-Godfrey wrote: >>>>>> >>>>>> Try something like this: >>>>>> form_for :article, :url => { :action => "update", :id => >>>>>> @article }, >>>>>> :html => { :method => :put } do |f| >>>>>> >>>>>> That should give you the ''PUT'' method. >>>>>> >>>>>> >>>>>> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote: >>>>>> >>>>>>> This appears to be some kind of routing issue since facebook >>>>>>> wraps >>>>>>> everything in a post... so here''s what I''m doing: >>>>>>> >>>>>>> <% form_for :article, :url => { :action => "update", :id => >>>>>>> @article } >>>>>>> do |f| %> < >>>>>>> %= render >>>>>>> :partial => "form", :locals => { :f => f } %> >>>>>>> <% end -%> >>>>>>> renders: >>>>>>> >>>>>>> <form action="/myapp/articles/7" method="post"> >>>>>>> >>>>>>> .... >>>>>>> </form> >>>>>>> The form comes up populated with the model data, but I submit >>>>>>> though I >>>>>>> get: >>>>>>> >>>>>>> >>>>>>> Unknown action >>>>>>> >>>>>>> No action responded to 7 >>>>>>> >>>>>>> >>>>>>> >>>>>>> In the rake routes the "update" requires a HTTP "put" so I''m >>>>>>> wondering >>>>>>> if that is causing the problem. >>>>>>> >>>>>>> thanks >>>>>>> _______________________________________________ >>>>>>> Facebooker-talk mailing list >>>>>>> Facebooker-talk at rubyforge.org >>>>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Facebooker-talk mailing list >>>>> Facebooker-talk at rubyforge.org >>>>> http://rubyforge.org/mailman/listinfo/facebooker-talk >>>> >>> >>> >>> >>> -- >>> http://auswalk.blogspot.com >>> _______________________________________________ >>> Facebooker-talk mailing list >>> Facebooker-talk at rubyforge.org >>> http://rubyforge.org/mailman/listinfo/facebooker-talk >> >> > > > > -- > http://auswalk.blogspot.com > _______________________________________________ > Facebooker-talk mailing list > Facebooker-talk at rubyforge.org > http://rubyforge.org/mailman/listinfo/facebooker-talk-- Mike Mangino http://www.elevatedrails.com