Rails 5.2的某些控制器操作提供了InvalidAuthenticityToken [英] Rails 5.2 some controller actions gives InvalidAuthenticityToken

问题描述

以前，我使用gem提供了一个控制器，该控制器用于接受外部服务以将一些数据发布到我们的应用中。但是在Rails 5.2中，它停止了工作。触发端点时，它引发 ActionController :: InvalidAuthenticityToken 错误。

Previously I used a gem which provided a controller for accepting external services to POST some data into our app. However in Rails 5.2 it stopped working. When the endpoint is triggered, it raises ActionController::InvalidAuthenticityToken error.

推荐答案

对于5.2之前的Rails，生成的ApplicationController将调用 protect_from_forgery ，这意味着将检查POST，PUT，DELETE操作的真实性。

For Rails before 5.2, the generated ApplicationController will call protect_from_forgery, meaning POST,PUT,DELETE actions are checked for authenticity.

New Rails 5.2项目将默认情况下检查 ActionController的任何子类的真实性标记： ：Base ，这会影响许多现有的宝石。

New Rails 5.2 projects will by default check authenticity token for any subclass of ActionController::Base instead, which affects many existing Gems.

您可以等待宝石更新以与5.2兼容。

You can wait for the gem updates for compatibility with 5.2.

或者，您可以在初始化程序中猴子修补这些控制器：

Alternatively, you can probably monkey patch these controllers in the initializer:

require 'foo_controller'
class FooController < ActionController::Base
  skip_before_action :verify_authenticity_token, raise: false
end

这篇关于Rails 5.2的某些控制器操作提供了InvalidAuthenticityToken的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！