没有传入authenticity_token在轨道做AJAX帖子 [英] Doing AJAX Post in rails without passing in the authenticity_token
问题描述
所以,我记得有一次,当我试图做一个AJAX后,我必须传入form_authenticity_token的数据轨道中的一个。出于某种原因,不这样做会产生某种错误的,我会得到立即注销。有没有一种办法仍然有这个这个真实性令牌表单提交,但不适合于Ajax的帖子?换句话说,我不想通过在autheniticy令牌在我的岗位数据。
So I remember that one time, when i was trying to do an AJAX post, I had to pass in the form_authenticity_token as one of the data to rails. For some reason, not doing so will generate some kind of error and I would get logged out immediately. Is there a way to still have this this authenticity token for form submission but not for ajax post? In other words, I dont want to pass in that autheniticy token in my post data.
推荐答案
而不要禁用真实性令牌验证,你可以只把它传递给JavaScript像这样:
Rather than disabling authenticity token verification, you could just pass it to javascript like so:
<%= javascript_tagVAR的auth_token =#{form_authenticity_token.inspect};如果protect_against_forgery? %>
然后,只需提交的auth_token
以及任何AJAX的帖子。
Then just submit AUTH_TOKEN
along with any AJAX posts.
这篇关于没有传入authenticity_token在轨道做AJAX帖子的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!