Hello,
I’ve just upgraded by app to Rails 2.1 and my log started to be filled
with ActionController::InvalidAuthenticityToken exceptions.
I have an application with external XML Restful access.
It seems each time a request comes from a search engine crawler (that
doesn’t support sessions or cookies), Rails 2.1 raises an error even
if the documentation says:
Only HTML/JavaScript requests are checked, so this will not protect your XML API (presumably you’ll have a different authentication scheme there anyway).
Any suggestion?
Here’s the latest part of the backtrace.
“ActionController::InvalidAuthenticityToken”
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
request_forgery_protection.rb:86:in verify_authenticity_token' /usr/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/active_support/ callbacks.rb:173:in
send’
/usr/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/active_support/
callbacks.rb:173:in evaluate_method' /usr/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/active_support/ callbacks.rb:161:in
call’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
filters.rb:430:in call' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ filters.rb:592:in
run_before_filters’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
filters.rb:578:in call_filters' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ filters.rb:573:in
perform_action_without_benchmark’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
benchmarking.rb:68:in perform_action_without_rescue' /usr/lib/ruby/1.8/benchmark.rb:293:in
measure’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
benchmarking.rb:68:in perform_action_without_rescue' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ rescue.rb:201:in
perform_action_without_caching’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
caching/sql_cache.rb:13:in perform_action' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ connection_adapters/abstract/query_cache.rb:33:in
cache’
/usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/
query_cache.rb:8:in cache' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ caching/sql_cache.rb:12:in
perform_action’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
base.rb:529:in send' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ base.rb:529:in
process_without_filters’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
filters.rb:569:in process_without_session_management_support' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ session_management.rb:130:in
process’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
base.rb:389:in process' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:149:in
handle_request’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
dispatcher.rb:107:in dispatch' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:104:in
synchronize’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
dispatcher.rb:104:in dispatch' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:120:in
dispatch_cgi’
/usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/
dispatcher.rb:35:in `dispatch’