Rails - Mar 2009 - InvalidAuthenticityToken from home page

I''m trying to create a log in in index.html, but I keep getting an
error
about InvalidAuthenticityToken. I understand this is something that RoR
puts in the forms, and it changes regularly. The problem is that the
home page in the public folder is html, and therefore static. has anyone
else put a log in on their home page?
-- 
Posted via http://www.ruby-forum.com/.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Is it a form? Is the index.html in rails root or the webservers root?
If its rails you can still use the form helpers or pull in a
partial...

On Mar 11, 6:24 pm, Paul Reitz
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
wrote:
> I''m trying to create a log in in index.html, but I keep getting an
error
> about InvalidAuthenticityToken. I understand this is something that RoR
> puts in the forms, and it changes regularly. The problem is that the
> home page in the public folder is html, and therefore static. has anyone
> else put a log in on their home page?
> --
> Posted viahttp://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

@Paul:

You need to disable forgery protection on the login action in order to
use a static home page.

Assuming your login is processed by restful_authentication''s
sessions_controller.rb, add this to that class:

protect_from_forgery, :except => [:create]

That''s it. If that''s unacceptable to you, remove the login
form from
the homepage and replace it with a link to the login page.

Hope that helps!
>
> On Mar 11, 6:24 pm, Paul Reitz
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
> wrote:
>> I''m trying to create a log in in index.html, but I keep
getting an error
>> about InvalidAuthenticityToken. I understand this is something that RoR
>> puts in the forms, and it changes regularly. The problem is that the
>> home page in the public folder is html, and therefore static. has
anyone
>> else put a log in on their home page?
>> --
>> Posted viahttp://www.ruby-forum.com/.
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Thanks for the replies. @Brian, that worked - thank you :)

-- 
Posted via http://www.ruby-forum.com/.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

you also can set forgery protection to false
In rails 2, it is true by default.

Set in environment file

config.action_controller.allow_forgery_protection  = false

On Mar 12, 8:54 am, Paul Reitz
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
wrote:
> Thanks for the replies. @Brian, that worked - thank you :)
>
> --
> Posted viahttp://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

@seja:

Yeah but that''s for the entire app, and it''s not a good idea
to
disable it for the entire ap.

On Thu, Mar 12, 2009 at 2:35 AM, seja
<seja83-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
>
> you also can set forgery protection to false
> In rails 2, it is true by default.
>
> Set in environment file
>
> config.action_controller.allow_forgery_protection  = false
>
> On Mar 12, 8:54 am, Paul Reitz
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
> wrote:
>> Thanks for the replies. @Brian, that worked - thank you :)
>>
>> --
>> Posted viahttp://www.ruby-forum.com/.
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---