Rails 5 ActionController::InvalidAuthenticityToken 错误 [英] Rails 5 ActionController::InvalidAuthenticityToken error
问题描述
我有一个 rails 应用程序,我打算升级到 rails 5.我正在使用 devise(v4.2.0) 和 rails(v5.0.0).正如设计 README.md 文件中所建议的那样,我尝试将protect_from_forgery 移动到before_filter 之上,但是当我尝试登录或更新我的错误时,我仍然收到错误ActionController::InvalidAuthenticityToken
I have a rails application which I am planning to upgrade to rails 5. I am using devise(v4.2.0) along with rails(v5.0.0). As suggested in devise README.md file, I tried moving the protect_from_forgery above the before_filter but still when I am trying to login or update my bug I get an error ActionController::InvalidAuthenticityToken
我的应用程序控制器
是
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception, prepend: true
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
devise_parameter_sanitizer.permit(:account_update, keys: [:name])
end
end
而我的另一个 BugController
是
class BugsController < ApplicationController
protect_from_forgery prepend: true, with: :exception
before_action :authenticate_user!
before_action :set_bug, only: [:show, :edit, :update]
def update
respond_to do |format|
if @bug.update(bug_params)
format.html { redirect_to @bug, notice: 'Bug was successfully updated.' }
format.json { render :show, status: :ok, location: @bug }
else
format.html { render :edit }
format.json { render json: @bug.errors, status: :unprocessable_entity }
end
end
end
private
def bug_params
params.require(:bug).permit(:product, :component, :title, :description, :status_id, :created_by_id, :assigned_to_id)
end
end
推荐答案
注意:虽然此答案具有预期效果,但它降低了整体安全性.以下 Alon 的回答更正确,并维护了网站的安全.
Note: While this answer has the desired effect, it does so by reducing overall security. The below answer by Alon is more correct and maintains the security of the site.
class BugsController < ApplicationController
skip_before_filter :verify_authenticity_token
protect_from_forgery prepend: true, with: :exception
before_action :authenticate_user!
before_action :set_bug, only: [:show, :edit, :update]
end
喜欢这个
这篇关于Rails 5 ActionController::InvalidAuthenticityToken 错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!