Disabling forgery protection


I have to enable batch uploads to my website with CURL and forgery
protection in ApplicationController is standing in my way. I do use
the restful authentication plugin and I do call login_required on all
actions. Should I keep forgery protection around?

Forgery protection only makes sure that the client request has
originated from client’s session, right? Is there anything else than I
would be missing in terms of security?


Somewhere near your before filters in your controller, simply type:

protect_from_forgery my_action