Got an Internal Rails 2.1.1 app. It is on an intranet and the
computers accessing it do not access any other websites.
I am getting a lot of invalid authenticity errors.
All the pages that are generating the errors are using the rails Form
builder helpers with standard POST actions. So I don’t see how I
would be creating so many errors.
I am considering turning this feature off all together, as cross site
scripting is basically impossible if your PC doesn’t connect to the
Internet or any other website.
But I would like to know if there is anything I should be looking for
as to why I am getting so many of these errors. Where should I start?