rails csrf验证在firefox [英] rails csrf validation in firefox
问题描述
警告:无法验证CSRF令牌的真实性
登录屏幕返回没有任何错误消息。
有人可以给我一个提示,以照顾发生了什么吗?
我有完全相同的问题。登录在Chrome中工作,而不是在FF中。
问题与CSRF无关,因为我评论过 protect_from_forgery
并试图登录,但我不被允许。唯一的区别是警告消息消失了。
经过一些调试,我发现问题与会话和:domain =>相关:会话存储的所有设置。
MyApp :: Application.config.session_store:cookie_store,key:'_myapp_session',:domain => :全部
我删除了:domain =>所有
,我能够使用Firefox登录。希望这可以帮助某人,尽管答案是迟到两个月。
I have a site created with Rails using Devise for authentication. It works perfectly fine in Chrome, but in Firefox I cannot log in. All I can see is a message in log:
WARNING: Can't verify CSRF token authenticity
And the login screen comes back without any error messages.
Can someone give me a hint where to look after what is happening?
I had exactly the same problem. Login was working in Chrome and not in FF.
The problem was not related to CSRF since I commented out protect_from_forgery
and tried to signin but I wasn't allowed to. The only difference was that the warning message disappeared.
After some debugging I found out that the problem is related to session and :domain => :all setting for the session store.
MyApp::Application.config.session_store :cookie_store, key: '_myapp_session', :domain => :all
After I removed :domain => all
, I was able to login using Firefox. Hope that this will help someone even though the answer arrives two months late.
这篇关于rails csrf验证在firefox的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!