问题
I have Rails project which is working on production.
But on localhost it raises on every POST request with ActionController::InvalidAuthenticityToken. I know what is it.
AuthToken is protection from csrf attacks. I have in my application_controller.rb
protect_from_forgery with: :exception #this line raise exception
and csrf_meta_tags present.
I have no any problems in other Rails projects with it.
If I remove param with: :exception session will reset after reloading page.
what is the problem?
回答1:
Can you try this
protect_from_forgery with: :null_session
回答2:
Problem solved!
Project has config in config/environments/development.rb
Rails.application.routes.default_url_options[:host] = 'my_project.dev:3000'
I tried to load project on localhost:3000, but url was my_project.dev:3000.
来源:https://stackoverflow.com/questions/28060089/rails-protect-from-forgery-raises-with-exception