Problems with Rails 3 protect_from_forgery

Question

Problems with Rails 3 protect_from_forgery

I have two applications that need to communicate with each other via HTTP. One is a PHP application, and the other is my main application, a Rails application. I need a PHP application to talk to a Rails application by sending it POST data, but when I do this, I get a Notual Authenticity Token error. Anyway, around? Or how can I create my own email token to authenticate my Rails application?

+6

php ruby-on-rails

dennismonsewicz 10 Sep '10 at 14:17

source share

1 answer

Rob di marco · Accepted Answer · 2010-09-10T14:26:24+0000

The documentation for ActionController :: RequestForgeryProtection :: ClassMethods

You can skip the authentication token requirement either by specifying or: except or by forcing the filter before. Example from the documentation ...

class FooController < ApplicationController protect_from_forgery :except => :index # you can disable csrf protection on controller-by-controller basis: skip_before_filter :verify_authenticity_token end

Problems with Rails 3 protect_from_forgery

More articles: