On Fri, Aug 28, 2009 at 9:28 PM, Philip Hallstrom <[email protected]> wrote:
> > > What does the below line says > > > > ActionController::InvalidAuthenticityToken > > (ActionController::InvalidAuthenticityToken): > > -e:2:in `load' > > -e:2 > > Rails tries to protect against invalid form submission by setting an > authenticity token. It does this automatically if you use the form > helpers, but if you hard code a form or it's doing something odd > (built with javascript, cached and displayed on multiple pages, etc..) > the token won't get sent. > > Go look at a normal rails form and you'll see a hidden field in the > form "authenticity_token". > > You can tell your controller to ignore it or you can add it yourself. > > > http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html#M000512 > > For example in one of my forms built from jss and using ajax I pass > this along... > > submitdata: {<%= request_forgery_protection_token.to_s %>: '<%= > form_authenticity_token.to_s %>'} > > In another form which doesn't use the Rails helpers so doesn't get the > token set automatically I simply include this b/n my form tags: > > <%= token_tag %> > > Good luck! > > -philip > Hi philip Thank You -- Karthik.k Mobile - +91-9894991640 > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
