Yeah, Andy is right. Why don't you send us the code that generates these error requests? I have seen this error in some Ajax components like autocomplete. They create a form but do not send the token.
I post this into my blog: http://blogdomario.wordpress.com/2009/05/29/autocomplete-versus-rails-2-x/ 2010/2/22 Andy Jeffries <[email protected]> > The Authenticity Token is a value that is inserted in to forms (when using > the form_for helper) that is then checked when the submit request is sent. > It helps prevent CSRF attacks. > > What is likely happening is that you're generating your own form and not > including the token (which you can do by inserting a hidden field and using > the authenticity_token helper). > > You can learn more about CSRF and Rails' protection at: > > http://en.wikipedia.org/wiki/Cross-site_request_forgery > http://guides.rubyonrails.org/security.html#cross-site-request-forgery-csrf > > Cheers, > > > Andy > > -- > Andy Jeffries > http://andyjeffries.co.uk/ #rubyonrails #mysql #jquery > Registered address: 64 Sish Lane, Stevenage, Herts, SG1 3LS > Company number: 5452840 > > > On 22 February 2010 17:01, Tom Ha <[email protected]> wrote: > >> Hi there, >> >> I have my first Rails app running and I regularly get the following >> "logged_exception" error message: >> >> "ActionController::InvalidAuthenticityToken" >> >> Has anybody an idea what might cause this problem? Could it somehow be a >> "time out" error (like an "AuthenticityToken" which might expire after a >> certain time, or something along those lines)? >> >> Any idea how that error could be prevented from occurring? >> >> The "backtrace" always starts like this: >> >> ================= >> >> /usr/lib/ruby/gems/1.8/gems/actionpack-2.3.3/lib/action_controller/request_forgery_protection.rb:79:in >> `verify_authenticity_token' >> >> >> /usr/lib/ruby/gems/1.8/gems/activesupport-2.3.3/lib/active_support/callbacks.rb:178:in >> `send' >> >> >> /usr/lib/ruby/gems/1.8/gems/activesupport-2.3.3/lib/active_support/callbacks.rb:178:in >> `evaluate_method' >> >> >> /usr/lib/ruby/gems/1.8/gems/activesupport-2.3.3/lib/active_support/callbacks.rb:166:in >> `call' >> ... >> ================= >> >> Thanks for any help with this! >> Tom >> -- >> Posted via http://www.ruby-forum.com/. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ruby on Rails: Talk" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]<rubyonrails-talk%[email protected]> >> . >> For more options, visit this group at >> http://groups.google.com/group/rubyonrails-talk?hl=en. >> >> > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<rubyonrails-talk%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > -- Mário Sérgio Coelho Marroquim http://blogdomario.wordpress.com http://www.muraldeideias.com.br http://www.credishop.com.br -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
