José Valim
2008-Jun-12 12:17 UTC
request_forgery_protection_token should be set at ActionController::Base load time
If @@request_forgery_protection_token is not set in ActionController::Base, it can raise an InvalidAuthenticityToken error when one controller creates a form that will post in another controller. Patch and better explanation here: http://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/402-request_forgery_protection_token-should-be-set-at-actioncontroller-base-load-time --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to rubyonrails-core@googlegroups.com To unsubscribe from this group, send email to rubyonrails-core-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---