Heroku / Rails / Devise:您想要的更改被拒绝 [英] Heroku/Rails/Devise: The change you wanted was rejected
问题描述
我的Rails 4.2应用程序在Heroku上运行最新版本的Devise时遇到问题。首先,我要指出我已经相当一段时间没有对生产进行任何代码更改了,而且这个问题只是最近才开始的。
I'm having a problem with my Rails 4.2 app running the latest version of Devise on Heroku. I'm going to preface this by stating that I have not pushed any code changes to production in quite some time and that this issue only started recently.
当我转到登录后,我收到一条错误消息:您想要的更改已被拒绝。当我查看日志时,可以看到CSRF令牌有问题。
When I go to log in, I receive an error saying "The change you wanted was rejected." When I view the logs, I can see that it's a problem with the CSRF token.
2015-04-04T19:52:22.430533+00:00 app[web.1]: Started POST "/users/sign_in" for 76.119.72.58 at 2015-04-04 19:52:22 +0000
2015-04-04T19:52:22.435480+00:00 app[web.1]: Completed 422 Unprocessable Entity in 1ms
2015-04-04T19:52:22.434143+00:00 app[web.1]: Processing by Devise::SessionsController#create as HTML
2015-04-04T19:52:22.434211+00:00 app[web.1]: Parameters: {"utf8"=>"✓", "authenticity_token"=>"94uXDeV2wbb1XMfUL445zrIrbhS92pwe+9tWxkyvwtJhnZtZS3ydYOeP2grZvT/t2YMa2A2k/pA+U5X3gFXlAw==", "user"=>{"email"=>"test@example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
2015-04-04T19:52:22.435112+00:00 app[web.1]: Can't verify CSRF token authenticity
2015-04-04T19:52:22.438522+00:00 app[web.1]:
我已经一直在寻找StackOverflow的答案,并尝试了我能想到的一切。到目前为止,我已经尝试了一些其他操作:
I've been scouring StackOverflow for answers and have tried everything I can think of. I've tried a few different things so far:
-
我将此行添加到了
session_store中。 rb
认为在开发和生产环境之间混合使用cookie可能是一个问题。
Rails.application.config.session_store:cookie_store,密钥: _ abhnation_session _#{Rails.env}
I added this line to my
session_store.rb
thinking that it might be an issue with the cookies being mixed between development and production environments. Rails.application.config.session_store :cookie_store, key: "_abhnation_session_#{Rails.env}"
我没有 rails-api
gem,其中建议的讨论可能是罪魁祸首。
I do NOT have the rails-api
gem, which some discussions suggested might be the culprit.
我还注意到,问题完全出在Firefox上,而不是特定于环境的。它发生在开发,测试和生产中。在测试中,我只能通过暂存会话来解决它。
I've also noticed that the problem is strictly with Firefox and is not environment-specific. It occurs in development, test, and production. I've only been able to get around it in test by stubbing sessions.
我不知道是什么原因导致了这种情况的发生。几个月以来,我没有对面向公众的生产环境进行任何更改。
I can't figure out what caused this to happen. I have not pushed any changes to my public-facing production environment in a few months.
以下是代码链接: http:// github.com/danielbonnell/abhnation-rails
这是实时站点: http:// abhnation .herokuapp.com /
推荐答案
(至少对我来说)是由<适用于Firefox的href = https://addons.mozilla.org/zh-CN/firefox/addon/donottrackplus/ rel = noreferrer> Blur / DoNotTrackPlus 扩展。我以前曾禁用过它,但是没有效果。但是,当我删除它时,问题就消失了。
Turns out the issue (at least for me) was being caused by the Blur / DoNotTrackPlus extension for Firefox. I had previously disabled it, but that had no effect. When I removed it, however, the problem went away.
希望这对以后的工作有所帮助。
Hope this helps someone in the future.
这篇关于Heroku / Rails / Devise:您想要的更改被拒绝的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!