Invalid authenticity token only in IE6


#1

Hi guys, I just discovered that both logging in and signing up does
not work in IE6 due to an InvalidAuthenticityToken error. I’m using
the latest restful-authetntication plugin. What’s weird though, is
that I viewed the source before submitting and took note of the token.
After submission, on the error page (in the parameters section) the
token is the exact same. The forms work in every other browser. What
the heck?


#2

We are seeing the same issue, but we’re not using the restful-
authentication plugin. Are you using jQuery or Prototype at all?


#3

Yes, with some parts of the site, but not at all with the forms I’m
having trouble with.


#4

We have the same problem and after months we just can not figure out a
working fix. I think it is in some way connected to the server config
and the trusted zones model used in IE.

2009/5/13, Andrew removed_email_address@domain.invalid:

Hi guys, I just discovered that both logging in and signing up does
not work in IE6 due to anInvalidAuthenticityTokenerror. I’m using
the latest restful-authetntication plugin. What’s weird though, is
that I viewed the source before submitting and took note of the token.
After submission, on the error page (in the parameters section) the
token is the exact same. The forms work in every other browser. What
the heck?


Von meinen Mobilgerät aus gesendet


#5

No im not.

2009/5/15, Matthew B. removed_email_address@domain.invalid:

not work in IE6 due to an InvalidAuthenticityToken error. I’m using


Von meinen Mobilgerät aus gesendet


#6

Are you in an iframe? IE6 and Safari famously don’t let you set cookies
in an iframe. Rails’ csrf stuff then bites the dust.


Matthew B. :: 607 227 0871
Resume & Portfolio @ http://madhatted.com


#7

Were you ever able to resolve this? I need my web application to
support IE6 and discovered that I’m suffering from the same problem.


#8

What web server and version are you using?

We’re using Apache 2.2.9 (mpm-worker) w/Passenger 2.0.6, on Ubuntu
9.04. And Rails 2.2.2.


#9

Well, I don’t know about others that may have this problem, but I
solved my problem.

In order to test my web application across both versions of IE (6 and
7) I have version 7 installed and a “standalone” version of 6
installed.

The standalone version of IE6 doesn’t appear to function properly with
regards to cookies. I tested my web app on another machine that ONLY
has IE6 (regular version) and it works fine.

I guess I’ll have to set up a full VM to test my rails app on IE6 on
my workstation. Oh well.


#10

Thanks for the tip, I tested my app in a native IE6 VM and it works
fine as well. It must have been that stand alone IE6 I was using.
Phew!


#11

I’ve got Apache 2.2.8 (prefork) on Ubuntu Server 8.10 proxying to one
instance of my rails app (thin 1.0.0 w/rails 2.3.2)


#12

I’ve been using standalone IE6 as well! This is good news. However, I
get these errors every day on my production app; are there really that
many people using standalone IE6?