I've almost entirely converted a rails 2.3.5 app to 3pre. I'm having some trouble with protect_from_forgery. I had protect_from_forgery set in application_controller.rb, but run some uploadify ajax stuff in one of my controllers, where I had protect_from_forgery, :except => :add_file set.
In rails 3 I'm getting ActionController::InvalidAuthenticityToken on the ajax upload unless I turn off protect_from_forgery completely in application_controller.rb. Seems like the exception in my FileUpload controller (protect_from_forgery :except => :add_file) isn't taking. Has anyone else experienced this. Should I report a bug or am I doing something wrong? Thanks in advance, Bryan -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
