Hi- I''m working on a Rails app that exposes a simple web service and an accompanying mobile client. It appears that I am unable to POST data to the service with the CSRF protection in place. What is the best way to deal with this from mobile clients? Should I embed the authenticity token as part of every request to the service? Seems like this wouldn''t be the best approach. Any advice would be great, thanks! -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.