Kad Kerforn escribió: > I am trying to write a REST web service > > testing locally is fine but whane I deploy the server and try test it > via curl > > curl -i -X POST -H 'Content-Type:application/xml' -d '' > http://mytesteddomain.tld/user/posts/createReference.xml > > I get an error : > > ERROR TYPE: ActionController::InvalidAuthenticityToken > > ERROR MESSAGE: ActionController::InvalidAuthenticityToken > Maybe, you have in your controller (or application controller):
protect_from_forgery That protect you from xss. Error said: You aren't sending "InvalidAuthenticityToken" then you have two options: - Bypass this check in this action. In you controller put: protect_from_forgery :except => [:autocomplete_google_map_city] - Send the parameter "InvalidAuthenticityToken". Create a hidden tag(helper) with it: def token_tag unless protect_against_forgery? '' else tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => form_authenticity_token) end end Regards! -- Rafael Garcia Ortega --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Deploying Rails" group. To post to this group, send email to rubyonrails-deployment@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-deployment?hl=en -~----------~----~----~----~------~----~------~--~---
begin:vcard fn;quoted-printable:Rafael Garc=C3=ADa Ortega n;quoted-printable:Garc=C3=ADa Ortega;Rafael org:ASPgems S.L. email;internet:[EMAIL PROTECTED] tel;work:692686533 x-mozilla-html:FALSE url:http://www.aspgems.com version:2.1 end:vcard