If @@request_forgery_protection_token is not set in ActionController::Base, it can raise an InvalidAuthenticityToken error when one controller creates a form that will post in another controller.
Patch and better explanation here: http://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/402-request_forgery_protection_token-should-be-set-at-actioncontroller-base-load-time --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
