POST 422 (Unprocessable Entity) in Rails? Due to the routes or the controller?

猫巷女王i 2020-12-13 04:39

I'm trying to give users on my website "points" or "credits" for tweeting about the brand name.

I have the fancy Twitter widget on the appropriate view...

4 answers
  •  庸人自扰
    2020-12-13 05:04

    ihaztehcodez (who was last active in 2016, so it won't help nudging him to post an answer) mentions that the skip_before_action :verify_authenticity_token technique is not so secure 'cos you lose forgery protection.

    They mention that the best/secure/'better practice' solutions are mentioned here: "WARNING: Can't verify CSRF token authenticity rails"

    e.g.

    $.ajaxSetup({
      headers: {
        'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
      }
    });
    

    or

    $.ajax({ url: 'YOUR URL HERE',
      type: 'POST',
      beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content'))},
      data: 'someData=' + someData,
      success: function(response) {
        $('#someDiv').html(response);
      }
    });
    

    or

    putting this within an ajax request

    headers: {
      'X-Transaction': 'POST Example',
      'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
    },
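
An added example, not part of the original answer: the `$.ajaxSetup` form above attaches `X-CSRF-Token` to every jQuery request, including ones sent to other origins. The sketch below limits the header to same-origin requests that Rails actually checks (anything other than GET and HEAD). The helper names `csrfHeaders` and `isSameOrigin` are hypothetical, and the origin `https://app.example.com` used with them is a constructed value.

```javascript
// Added example. Pure helpers, so they run in Node as well as in a browser.
// Rails does not verify the token on GET and HEAD requests.
const UNCHECKED_METHODS = new Set(['GET', 'HEAD']);

// True when `url` (absolute, relative or protocol-relative) resolves to the
// page's own scheme + host + port.
function isSameOrigin(url, pageOrigin) {
  try {
    return new URL(url, pageOrigin).origin === new URL(pageOrigin).origin;
  } catch (e) {
    return false; // unparseable URL: treat as foreign and send no token
  }
}

// Returns the extra headers for one request. The token is attached only to
// state-changing requests that stay on the page's origin, so it is never
// disclosed to a third-party host.
function csrfHeaders(method, url, pageOrigin, token) {
  const headers = {};
  const m = String(method || 'GET').toUpperCase();
  if (token && !UNCHECKED_METHODS.has(m) && isSameOrigin(url, pageOrigin)) {
    headers['X-CSRF-Token'] = token;
  }
  return headers;
}

// Browser wiring (skipped outside a browser or when jQuery is absent):
// read the token Rails rendered into the page and apply the rule per request.
if (typeof window !== 'undefined' && typeof document !== 'undefined' && window.jQuery) {
  window.jQuery.ajaxPrefilter(function (options, originalOptions, xhr) {
    const meta = document.querySelector('meta[name="csrf-token"]');
    const extra = csrfHeaders(options.type || options.method, options.url,
                              window.location.origin,
                              meta && meta.getAttribute('content'));
    Object.keys(extra).forEach(function (name) {
      xhr.setRequestHeader(name, extra[name]);
    });
  });
}
```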
    
