Hi,

I'm developing an app using qooxdoo and rails. I ran into trouble with
rails using the authenticity_token to prevent CSRF/XSS attacks when
forms are submitted. When I used jquery, the workaround listed at
http://henrik.nyh.se/2008/05/rails-authenticity-token-with-jquery worked
fine.

I did the same with the source/index.html and now the DOM has the
following script tag:

> <script type="text/javascript">
> //<![CDATA[
> var AUTH_TOKEN = "somelonghexstring";
> //]]>
> </script>
Now I don't know how to override the ajax class qx.io.remote.Request to
send the additional "&authenticity_token=tokenhere" along with the POST
parameters. Hope some one with the know how can help me with this.

Thanks for the great framework btw :)

cheers,
skar.

-- 
--
The life so short, the craft so long to learn. 


------------------------------------------------------------------------------
_______________________________________________
qooxdoo-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel

Reply via email to