search for: request_forgery_protect

...radio_button_tag ''user_type'', ''student'', true %> Student</label> 5: <label><%= radio_button_tag ''user_type'', ''instructor'' %> Teacher</ label> vendor/rails/actionpack/lib/action_controller/ request_forgery_protection.rb:114:in `form_authenticity_token'' (eval):2:in `send'' (eval):2:in `form_authenticity_token'' vendor/rails/actionpack/lib/action_view/helpers/ form_tag_helper.rb:453:in `token_tag'' vendor/rails/actionpack/lib/action_view/helpers/ form_tag_...

...uot;AuthenticityToken" which might expire after a certain time, or something along those lines)? Any idea how that error could be prevented from occurring? The "backtrace" always starts like this: ================= /usr/lib/ruby/gems/1.8/gems/actionpack-2.3.3/lib/action_controller/request_forgery_protection.rb:79:in `verify_authenticity_token'' /usr/lib/ruby/gems/1.8/gems/activesupport-2.3.3/lib/active_support/callbacks.rb:178:in `send'' /usr/lib/ruby/gems/1.8/gems/activesupport-2.3.3/lib/active_support/callbacks.rb:178:in `evaluate_method'' /usr/lib/ruby/gems/1.8/gems/ac...

I''m setting up a Paypal IPN listener and need the create action to not use rails'' default CSRF protection. I''ve got that working fine & test it actually works with cucumber (where I''ve turned CSRF back on, since it''s full-stack testing) but would like my controller spec to mention the need for protect_from_forgery :except => [:create] (and fail

..._digg_session'', :secret => ''cc86e984ae6e2b376f9328a73f4df2555a9f96970553b2fa4bb17cc04192c64b24a86c166aa69392100586b0ebd8c6715839bc8a3576b549b13d3157f615ddba'' } The trace is below: /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/ action_controller/request_forgery_protection.rb:79:in `verify_authenticity_token'' /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/ action_controller/filters.rb:469:in `send!'' /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/ action_controller/filters.rb:469:in `call'' /usr/local/lib/ruby/gems/1.8/gems...

...s/1.9.1/gems/actionpack-2.3.4/lib/ action_controller/session/abstract_store.rb:61:in `load!'' /usr/local/lib/ruby/gems/1.9.1/gems/actionpack-2.3.4/lib/ action_controller/session/abstract_store.rb:28:in `[]'' /usr/local/lib/ruby/gems/1.9.1/gems/actionpack-2.3.4/lib/ action_controller/request_forgery_protection.rb:102:in `form_authenticity_token'' (eval):2:in `form_authenticity_token'' /home/kashyap/Lab/sitara/app/views/resources/new.html.erb:3:in `_run_erb_app47views47resources47new46html46erb'' /home/kashyap/Lab/sitara/app/controllers/resources_controller.rb:29:in `new'...

...atabase (p. 68) I get ActionController::InvalidAuthenticityToken in AdminController#create ActionController::InvalidAuthenticityToken RAILS_ROOT: C:/ruby/myprojects/ajaxonrails Application Trace | Framework Trace | Full Trace c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/request_forgery_protection.rb:79:in `verify_authenticity_token'' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:469:in `send!'' c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/filters.rb:469:in `call'' c:/ruby/lib/ruby/gems/1.8/gems/actionpack...

Has anybody solved this issue. [ http://rubyforge.org/pipermail/facebooker-talk/2008-April/000552.html ] ? NameError (undefined local variable or method `controller'' for #<LeaveController:0xb7144abc>): /app/controllers/application.rb:24:in `verify_authenticity_token''

...ot;fb_sig_user"=>"1487557007", "fb_sig_registration"=>"1"} Rails then throws the following error: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken): c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/request_forgery_protection.rb:86:in `verify_authenticity_token'' -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://rubyforge.org/pipermail/facebooker-talk/attachments/20080908/ddc24074/attachment.html>

...cation_helper.rb:8:in `login_logout'' ./spec/helpers/application_helper_spec.rb:28: I have looked into patching rspec to include the "protect_against_forgery?" helper, but it''s included dynamically via a "helper_method :protect_against_forgery?" call in request_forgery_protection.rb I have forged the forgery_protection by adding this to my spec_helper.rb def protect_against_forgery? end Probably not the most elegant solution, but for now it works cu jc -- Jens-Christian Fischer - InVisible GmbH Tel: +41 79 691 05 48 http://www.invisible.ch, http://blog.invisible.c...

...t;% form_for(@page) do |f| %> 6: <p> 7: <b>Name</b><br /> 8: <%= f.text_field :name %> RAILS_ROOT: C:/www/rails_apps/myapp Application Trace | Framework Trace | Full Trace c:/www/ruby/lib/ruby/gems/1.8/gems/actionpack-1.13.3.7707/lib/ action_controller/request_forgery_protection.rb:101:in `form_authenticity_token'' (eval):2:in `send'' (eval):2:in `form_authenticity_token'' app/views/pages/edit.html.erb:5:in `_run_erb_47app47views47pages47edit46html46erb'' Do I need to do something else besides create the database table and uncomment the...

Hi, I was trying to write a RESTful service and was planning on testing via tools such as cURL and the basic http libs. With the InvalidAuthenticityToken piece that is turned by default in Rails 2.0.2, I have to provide the token with each request. This is something of a pain for a programmable client that may not make a GET request before performing other actions, specifically POST, PUT and

Hi All - I have a form_for that I''m trying to convert to remote_form_for, and I keep get this error: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken): /usr/lib/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/request_forgery_protection.rb:86:in `verify_authenticity_token'' /usr/lib/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in `send'' /usr/lib/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in `evaluate_method'' /usr/lib/ruby/gems/1....

...gems/1.9.1/gems/actionpack-2.3.4/lib/action_controller/session/abstract_store.rb:61:in `load!'' /usr/local/lib/ruby/gems/1.9.1/gems/actionpack-2.3.4/lib/action_controller/session/abstract_store.rb:28:in `[]'' /usr/local/lib/ruby/gems/1.9.1/gems/actionpack-2.3.4/lib/action_controller/request_forgery_protection.rb:102:in `form_authenticity_token'' (eval):2:in `form_authenticity_token'' /Users/username/Sites/Ruby/sample2/app/views/pages/new.html.erb:3:in `_run_erb_app47views47pages47new46html46erb'' /Users/username/Sites/Ruby/sample2/app/controllers/pages_controller.rb:29:in `new...

Hi! To send the authenticity token from flex back to the server, I followed this: http://blog.dt.org/index.php/2008/06/rails-2-flex-3-and-form-authenticity-tokens/ I have two controllers in my rails app. The method described in the link above works with the actions in one controller, but does not work with the other. The controller which does not work has just one action which performs a file