Heroku / Rails / Devise：您想要的更改被拒绝 [英] Heroku/Rails/Devise: The change you wanted was rejected

问题描述

我的Rails 4.2应用程序在Heroku上运行最新版本的Devise时遇到问题。首先，我要指出我已经相当一段时间没有对生产进行任何代码更改了，而且这个问题只是最近才开始的。

I'm having a problem with my Rails 4.2 app running the latest version of Devise on Heroku. I'm going to preface this by stating that I have not pushed any code changes to production in quite some time and that this issue only started recently.

当我转到登录后，我收到一条错误消息：您想要的更改已被拒绝。当我查看日志时，可以看到CSRF令牌有问题。

When I go to log in, I receive an error saying "The change you wanted was rejected." When I view the logs, I can see that it's a problem with the CSRF token.

2015-04-04T19:52:22.430533+00:00 app[web.1]: Started POST "/users/sign_in" for 76.119.72.58 at 2015-04-04 19:52:22 +0000
2015-04-04T19:52:22.435480+00:00 app[web.1]: Completed 422 Unprocessable Entity in 1ms
2015-04-04T19:52:22.434143+00:00 app[web.1]: Processing by Devise::SessionsController#create as HTML
2015-04-04T19:52:22.434211+00:00 app[web.1]:   Parameters: {"utf8"=>"✓", "authenticity_token"=>"94uXDeV2wbb1XMfUL445zrIrbhS92pwe+9tWxkyvwtJhnZtZS3ydYOeP2grZvT/t2YMa2A2k/pA+U5X3gFXlAw==", "user"=>{"email"=>"test@example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
2015-04-04T19:52:22.435112+00:00 app[web.1]: Can't verify CSRF token authenticity
2015-04-04T19:52:22.438522+00:00 app[web.1]:

我已经一直在寻找StackOverflow的答案，并尝试了我能想到的一切。到目前为止，我已经尝试了一些其他操作：

I've been scouring StackOverflow for answers and have tried everything I can think of. I've tried a few different things so far:

1. 我将此行添加到了 session_store中。 rb 认为在开发和生产环境之间混合使用cookie可能是一个问题。
   Rails.application.config.session_store：cookie_store，密钥： _ abhnation_session _＃{Rails.env}

1. I added this line to my session_store.rb thinking that it might be an issue with the cookies being mixed between development and production environments. Rails.application.config.session_store :cookie_store, key: "_abhnation_session_#{Rails.env}"

我没有 rails-api gem，其中建议的讨论可能是罪魁祸首。

I do NOT have the rails-api gem, which some discussions suggested might be the culprit.

我还注意到，问题完全出在Firefox上，而不是特定于环境的。它发生在开发，测试和生产中。在测试中，我只能通过暂存会话来解决它。

I've also noticed that the problem is strictly with Firefox and is not environment-specific. It occurs in development, test, and production. I've only been able to get around it in test by stubbing sessions.

我不知道是什么原因导致了这种情况的发生。几个月以来，我没有对面向公众的生产环境进行任何更改。

I can't figure out what caused this to happen. I have not pushed any changes to my public-facing production environment in a few months.

以下是代码链接： http：// github.com/danielbonnell/abhnation-rails
这是实时站点： http：// abhnation .herokuapp.com /

推荐答案

（至少对我来说）是由<适用于Firefox的href = https://addons.mozilla.org/zh-CN/firefox/addon/donottrackplus/ rel = noreferrer> Blur / DoNotTrackPlus 扩展。我以前曾禁用过它，但是没有效果。但是，当我删除它时，问题就消失了。

Turns out the issue (at least for me) was being caused by the Blur / DoNotTrackPlus extension for Firefox. I had previously disabled it, but that had no effect. When I removed it, however, the problem went away.

希望这对以后的工作有所帮助。

Hope this helps someone in the future.

这篇关于Heroku / Rails / Devise：您想要的更改被拒绝的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！