I have recently been learning and trying to develop some application parts using Rails. One issue I may have is that one of the potential clients will want to have one of their external web pages POST to the Rails controller. I tried the naive approach - copy the HTML generated for the Rails controller action for doing the same POST (Create of a domain object). I had this working, or so I thought until I restarted the server and the hidden field for the application authenticity_token had a value which was no longer valid. I have looked around for various workarounds. Is there a Rails Way to have an HTML page which is served as <app>/ public/welcome.html be able to do an HTML POST to the Rails controller? Is this simply not allowed? Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
James Englert
2008-Dec-09 14:10 UTC
Re: Rails noob confusion - HTML Form Post to Rails Controller?
Its allowed. I think you may need to use something like the following: protect_from_forgery :only => [:create, ...] Hope that helps. On Mon, Dec 8, 2008 at 9:46 PM, Jferg <johngferguson-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > I have recently been learning and trying to develop some application > parts using Rails. One issue I may have is that one of the potential > clients will want to have one of their external web pages POST to the > Rails controller. > > I tried the naive approach - copy the HTML generated for the Rails > controller action for doing the same POST (Create of a domain > object). I had this working, or so I thought until I restarted the > server and the hidden field for the application authenticity_token had > a value which was no longer valid. > > I have looked around for various workarounds. > > Is there a Rails Way to have an HTML page which is served as <app>/ > public/welcome.html be able to do an HTML POST to the Rails > controller? > > Is this simply not allowed? > > Thanks. > > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Jferg
2008-Dec-10 03:14 UTC
Re: Rails noob confusion - HTML Form Post to Rails Controller?
Hmmm.... I am not sure. What I want is to use the create (post) from outside of Rails from a page from another web app (not Rails). The front end does the sign on and other stuff and we are like an add-on. Does that make sense? Perhaps that is pure heresy and I should provide a web service and have the "front end" page call that via Ajax? Apologies if that sounds stupid... I am assuming Rails is pretty capable for implementing web services.. except I thought I read I''d have to step up and do the forgery protection and such myself. - John On Dec 9, 9:10 am, "James Englert" <englert.ja...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Its allowed. I think you may need to use something like the following: > > protect_from_forgery :only => [:create, ...] > > Hope that helps. > > On Mon, Dec 8, 2008 at 9:46 PM, Jferg <johngfergu...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > I have recently been learning and trying to develop some application > > parts using Rails. One issue I may have is that one of the potential > > clients will want to have one of their external web pages POST to the > > Rails controller. > > > I tried the naive approach - copy the HTML generated for the Rails > > controller action for doing the same POST (Create of a domain > > object). I had this working, or so I thought until I restarted the > > server and the hidden field for the application authenticity_token had > > a value which was no longer valid. > > > I have looked around for various workarounds. > > > Is there a Rails Way to have an HTML page which is served as <app>/ > > public/welcome.html be able to do an HTML POST to the Rails > > controller? > > > Is this simply not allowed? > > > Thanks.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Robert Walker
2008-Dec-11 05:47 UTC
Re: Rails noob confusion - HTML Form Post to Rails Controlle
> Hmmm.... I am not sure. What I want is to use the create (post) from > outside of Rails from a page from another web app (not Rails). The > front end does the sign on and other stuff and we are like an add-on. > Does that make sense? Perhaps that is pure heresy and I should > provide a web service and have the "front end" page call that via > Ajax?This sounds like an ideal case for a web service. Humm, it''s funny that Rails 2.0 is all about making RESTful web services drop dead simple. You can do your authentication using HTTP Basic Authentication (easy and plenty secure for this need when used over SSL). Scaffold generated code for the create method in the controller: # POST /people # POST /people.xml def create @person = Person.new(params[:person]) respond_to do |format| if @person.save flash[:notice] = ''Person was successfully created.'' format.html { redirect_to(@person) } format.xml { render :xml => @person, :status => :created, :location => @person } else format.html { render :action => "new" } format.xml { render :xml => @person.errors, :status => :unprocessable_entity } end end end The two lines beginning with format.xml {... are the important bits. This allows you to create new people (in this example) using a REST call. This can be done even from a command line using cURL or from anything that can send an HTTP POST request. In response you get a nice tidy XML document that you can use in the "client" application for reporting the results to the user. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---