El Friday 20 June 2008 19:04:04 Manfred Stienstra escribió: > On Jun 20, 2008, at 6:49 PM, Antonio Tapiador del Dujo wrote: > > Rails 2.1 Request Forgery Protection is incompatible with > > implementations > > > > New 'verifiable_request_format?' function > > (action_controller/request_forgery_protection.rb:101) is banning > > DELETE > > requests, where request.content_type is nil > > > > It also forbids posting any type of media, like images. This should > > we solved > > adding every content type to @@unverifiable_types in Mime::Type > > > > Any comments? > > A quick workaround would be to turn off forgery protection by removing > 'protect_from_forgery' from the ApplicationController.
Sure, but I'd like that functionality enabled for common requests --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
