Disabling forgery protection

Hi,

I have to enable batch uploads to my website with CURL and forgery
protection in ApplicationController is standing in my way. I do use
the restful authentication plugin and I do call login_required on all
actions. Should I keep forgery protection around?

Forgery protection only makes sure that the client request has
originated from client’s session, right? Is there anything else than I
would be missing in terms of security?

Thanks,
Tiberiu

Somewhere near your before filters in your controller, simply type:

protect_from_forgery my_action

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs