Invalid Ruby on Rails authenticator when using IE

Question

Invalid Ruby on Rails authenticator when using IE

ok for some strange reason IE gives me and InvalidAuthenticityToken an error almost every time a POST request is used. IE doesn't seem to like the "/" and "=" characters, which are sometimes found in authenticity_token. So I thought, did anyone really find a solution for this?

It is more strange that no other browser seems to behave this way.

Thanks in advance.

+7

internet-explorer ruby-on-rails

Jaan j Mar 11 '10 at 12:51

source share

1 answer

tucano · Accepted Answer · 2010-04-22T08:50:05+0000

Same problem with rails application running in iframe, I get:

"the change you wanted was rejected"

In the journal:

ActionController :: InvalidAuthenticityToken

It seems that the problem occurs in IE when developing in an iframe situation, where the main page is in a different domain than the internal page. (es: iframed Facebook apps)

This is because in the default privacy setting for IE, there is a problem with cookies in this situation.

A possible solution is to set the P3P header (try google: p3p iframe internet explorer) For example, in application_controller.rb:

before_filter :set_p3p def set_p3p response.headers["P3P"]='CP="CAO PSA OUR"' end

This works in my case.

Best wishes

Link: http://duanesbrain.blogspot.com/2007/11/facebook-ie-and-iframes.html

Invalid Ruby on Rails authenticator when using IE

More articles: