InvalidAuthenticityToken exception when deleting cookies

Hello,

I’ve been testing my project with some manual tests. One of them
consists of deleting cookies (“clean personal info” in firefox) just
before submit the login form. Then, I get an error.

The error message is: ActionController::InvalidAuthenticityToken in
SessionsController#create

I’m on Rails 2.0.2 with restful_authentication plugin. I’m using default
cookie session store, too.

Any idea?

Thanks.

On 15 Apr 2008, at 19:40, Sergio wrote:

The error message is: ActionController::InvalidAuthenticityToken in
SessionsController#create

Any idea?

This is Rails CSRF protection kicking in, see:

http://api.rubyonrails.com/classes/ActionController/RequestForgeryProtection.html

Try reloading the page with the form before submitting.

Will.

On 15 abr, 21:17, Will J. [email protected] wrote:

Try reloading the page with the form before submitting.

But can I reload the page automatically before submitting? or I must
trust the user to do it… How can I avoid the user getting that
exception?

Thanks!

could you try to include prototype in your layout? It’s work for me :slight_smile:

Thank you, I tried it, but it doesn’t seem to fix the error.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs