> If you're concerned about security then commenting that out to resolve
> the errors you were getting in development was probably a mistake.
>
Right, well I had this funny feeling about it, but at the time I was
trying to get some javascript stuff to work ..
Anyway, there is a javascript call like this:
function update_server(info)
{
<%= remote_function(:url => {:action => 'resize_field'},
:with => '{col:info.col,width:info.width}')
%>
}
So I just set some routing, I'm not a routing expert, but I did this:
map.connect 'shgrid/resize_field/:col/:width',
:controller => 'shgrid',
:action => 'resize_field'
But I get the error (below). I'm not sure if there's a proper way to
do it with remote_function() ?
Anyway, first I did the main dev, now I am trying to learn more on
security ..
Processing ShgridController#resize_field (for 155.x.x.x at 2009-03-26
16:28:11) [POST]
Session ID: 92c3ef636f552fbeff8e574d96bedb9f
Parameters: {"col"=>"5", "action"=>"resize_field",
"controller"=>"shgrid", "width"=>"66"}
User Load (0.000269) SELECT * FROM "users" WHERE (name = 'Zack2')
LIMIT 1
AdminSetting Load (0.000156) SELECT * FROM "admin_settings" LIMIT
1
ActionController::InvalidAuthenticityToken
(ActionController::InvalidAuthenticityToken):
/usr/local/lib/ruby/gems/1.8/gems/actionpack-2.1.2/lib/
action_controller/request_forgery_protection.rb:86:in
`verify_authenticity_token'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-2.1.2/lib/
active_support/callbacks.rb:173:in `send'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-2.1.2/lib/
active_support/callbacks.rb:173:in `evaluate_method'
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
