Rails 5.2的某些控制器操作提供了InvalidAuthenticityToken [英] Rails 5.2 some controller actions gives InvalidAuthenticityToken
问题描述
以前,我使用gem提供了一个控制器,该控制器用于接受外部服务以将一些数据发布到我们的应用中。但是在Rails 5.2中,它停止了工作。触发端点时,它引发 ActionController :: InvalidAuthenticityToken
错误。
Previously I used a gem which provided a controller for accepting external services to POST some data into our app. However in Rails 5.2 it stopped working. When the endpoint is triggered, it raises ActionController::InvalidAuthenticityToken
error.
推荐答案
对于5.2之前的Rails,生成的ApplicationController将调用 protect_from_forgery
,这意味着将检查POST,PUT,DELETE操作的真实性。
For Rails before 5.2, the generated ApplicationController will call protect_from_forgery
, meaning POST,PUT,DELETE actions are checked for authenticity.
New Rails 5.2项目将默认情况下检查 ActionController的任何子类的真实性标记: :Base ,这会影响许多现有的宝石。
New Rails 5.2 projects will by default check authenticity token for any subclass of ActionController::Base instead, which affects many existing Gems.
您可以等待宝石更新以与5.2兼容。
You can wait for the gem updates for compatibility with 5.2.
或者,您可以在初始化程序中猴子修补这些控制器:
Alternatively, you can probably monkey patch these controllers in the initializer:
require 'foo_controller'
class FooController < ActionController::Base
skip_before_action :verify_authenticity_token, raise: false
end
这篇关于Rails 5.2的某些控制器操作提供了InvalidAuthenticityToken的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!