开发者

Ruby on Rails Invalid Authenticity Token when using IE

well for some strange reason IE gives me and InvalidAuthenticityToken error almost every time a POST query is used. Seems to be that IE does not 开发者_StackOverflow中文版like the "/" and "=" characters sometimes found in authenticity_token. So I wondered if anyone has actually found a solution to this?

More strange is that no other browser seems to behave that way.

Thanks in advance.


Same problem here with a rails application launched in an iframe I get:

"the change you wanted was rejected"

In log:

ActionController::InvalidAuthenticityToken

Seems that the problem occur in IE when you are developing in an iframe situation where the master page is at a different domain than the inner page. (es: iframed Facebook applications)

This is because IE's default "medium" privacy setting has an issue with cookies in that situation.

A possible solution is to set a P3P header (try to google: p3p iframe internet explorer) Example, in application_controller.rb:

before_filter  :set_p3p

def set_p3p
  response.headers["P3P"]='CP="CAO PSA OUR"'
end

It works in my case.

Best Regards

Reference: http://duanesbrain.blogspot.com/2007/11/facebook-ie-and-iframes.html

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜