Hi, i just found where the problem is, see attached patch. With that patch there are no more error 500 when doing xhr requests. I opened a new bug on rails, let's hope it will be fixed soon.
Regards, Jérémy.
diff --git a/actionpack/lib/action_controller/request_forgery_protection.rb b/actionpack/lib/action_controller/request_forgery_protection.rb
index 3e0e94a..1dc6ad6 100644
--- a/actionpack/lib/action_controller/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/request_forgery_protection.rb
@@ -94,6 +94,7 @@ module ActionController #:nodoc:
def verified_request?
!protect_against_forgery? ||
request.method == :get ||
+ request.xhr? ||
!verifiable_request_format? ||
form_authenticity_token == params[request_forgery_protection_token]
end
signature.asc
Description: OpenPGP digital signature
