Rails 3 AuthenticityTokens never match
I'm having a very strange problem right now: I'm submitting a very standard form to a create action, and it always fails with ActionController::InvalidAuthenticityToken. What's incredibly strange is that I do not touch the hidden field in the form, and when I submit I see the authenticity_token in the params, but the value inside _csrf_token is different (I don't know if it's supposed to be the same, just a wild guess). Still, it always fails, the tokens don't match.
The form is 100% normal, no Ajax or multipart. I use warden for authentication, but it definitely shouldn't be a problem.
Does anyone have any idea, or at least where to look?
Here is the controller code:
    class UsersController < ApplicationController
      before_filter :authenticate, :only => [ :show ]

      def new; end

      def create
        # User.create returns the record even when validation fails, so the
        # result of save is what has to be checked.
        @user = User.new( params[ :user ] )
        if @user.save
          redirect_to dashboard_url( :subdomain => @user.subdomain )
        else
          Rails.logger.debug @user.errors.full_messages
          render :new
        end
      end

      def show
      end
    end
And here is the view:
    <p> Is this you ? </p>
    <%= form_for @user, :url => url_for( :controller => 'users', :action => 'create' ) do |f| %>
      <%= f.label :given_name, "Name" %>:
      <%= f.text_field :given_name %>
      <br />
      <%= f.label :family_name, "Surname" %>:
      <%= f.text_field :family_name %>
      <br />
      <%= f.label :location, "Location" %>:
      <%= f.text_field :location %>
      <br />
      <%= f.label :gender, "Gender" %>:
      <%= f.text_field :gender %>
      <br />
      <%= f.label :birthday, "Birthday" %>:
      <%= f.text_field :birthday %>
      <br />
      <%= f.label :email, "Email" %>:
      <%= f.text_field :email %>
      <br />
      <%= f.label :url, "URL" %>:
      <%= f.text_field :url %>
      <br />
      <%= f.label :subdomain, "subdomain" %>:
      <%= f.text_field :subdomain %>
      <br />
      <%= submit_tag "Save" %>
    <% end -%>
This is the backtrace with the 2 requests:
Started GET "/facebook/callback?code=de9cba64ae1a3d1e667a6ad0-563636354%7CFKnAiPEMDocIONSUgkU7L1zDIj0" for 127.0.0.1 at Fri Nov 12 22:06:15 -0800 2010
Processing by SessionsController#facebook_callback as HTML
Parameters: {"code"=>"de9cba64ae1a3d1e667a6ad0-563636354|FKnAiPEMDocIONSUgkU7L1zDIj0"}
style_jam_development['users'].find({:email=>"ngw@nofeed.org"}, {}).limit(-1)
Rendered sessions/facebook_callback.html.erb within layouts/application (8.8ms)
Completed 200 OK in 1991ms (Views: 17.5ms)
Started POST "/users/create" for 127.0.0.1 at Fri Nov 12 22:06:19 -0800 2010
Processing by UsersController#create as HTML
Parameters: {"commit"=>"Save", "authenticity_token"=>"qW67SXW12n6UZj1ApJi5oy9IqWB6n8BxXmgS70s2VOA=", "utf8"=>"\342\234\223", "user"=>{"location"=>"Seattle, Washington", "url"=>"http://nofeed.org", "gender"=>"male", "subdomain"=>"", "family_name"=>"Wieland", "birthday"=>"1978-12-19", "given_name"=>"Nicholas", "email"=>"ngw@nofeed.org"}}
Completed in 0ms
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
Rendered /Users/ngw/.rvm/gems/ree-1.8.7-2010.02/gems/actionpack-3.0.1/lib/action_dispatch/middleware/templates/rescues/_trace.erb (1.8ms)
Rendered /Users/ngw/.rvm/gems/ree-1.8.7-2010.02/gems/actionpack-3.0.1/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb (259.4ms)
Rendered /Users/ngw/.rvm/gems/ree-1.8.7-2010.02/gems/actionpack-3.0.1/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (284.8ms)
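Added example, not part of the original question and not Rails source: a simplified Ruby model of the Rails 3.0 check, in which the hidden authenticity_token field has to equal the value stored in the session under _csrf_token. The session is modelled as a plain Hash, and the helper names tokens_match? and submit_form, as well as the three scenarios, are constructed for illustration.

```ruby
require 'securerandom'

# Stand-in for ActionController::InvalidAuthenticityToken.
class InvalidAuthenticityToken < StandardError; end

# The token is generated once per session and kept under :_csrf_token.
def form_authenticity_token(session)
  session[:_csrf_token] ||= SecureRandom.base64(32)
end

# Constant-time string comparison (hypothetical helper).
def tokens_match?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# A non-GET request is accepted only if the submitted token equals the
# token of the session that arrives with that same request.
def verify_authenticity_token!(session, params)
  expected = form_authenticity_token(session)
  submitted = params['authenticity_token'].to_s
  raise InvalidAuthenticityToken unless tokens_match?(expected, submitted)
  true
end

# Simulates GET (form rendered) followed by POST (form submitted).
# scenario decides which session the server sees on the POST (constructed cases).
def submit_form(scenario)
  get_session = {}
  hidden_field = form_authenticity_token(get_session) # value in the form
  post_session =
    case scenario
    when :same_session     then get_session
    when :session_lost     then {} # session cookie not sent back
    when :session_replaced then { :_csrf_token => SecureRandom.base64(32) }
    else raise ArgumentError, "unknown scenario #{scenario}"
    end
  verify_authenticity_token!(post_session, 'authenticity_token' => hidden_field)
  :accepted
rescue InvalidAuthenticityToken
  :rejected
end

if __FILE__ == $PROGRAM_NAME
  [:same_session, :session_lost, :session_replaced].each do |s|
    puts "#{s}: #{submit_form(s)}"
  end
end
```

Comparing the session cookie the browser sends with the POST against the one set when the form was rendered shows which of these cases a failing request falls into.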