Forum: Ruby on Rails Unable to deactivate forgery protection

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
059ed46172a087063ce26250e44c8627?d=identicon&s=25 Fernando Perez (fernando)
on 2009-05-05 22:14
Hi,

I just created a new Rails app that will be receiving some POSTed data
from the outside so it must skip the verify_authenticity_token for some
create actions. Although I have added:
skip_before_filter :verifiy_authenticity_token

I still get InvalidAuthenticityToken. In one of my other Rails app
(created back in Rails 1.2.6 and updated to 2.3.2 over time) this
skipping works perfectly though, has anything changed since? Do I need
to do anything more?

Thanks.
4c438a80fc30661ad619ea177cf9cbd0?d=identicon&s=25 Freddy Andersen (Guest)
on 2009-05-05 22:39
(Received via mailing list)
can you try

protect_from_forgery :except => [ :create, :other_task ]



On May 5, 1:14 pm, Fernando Perez <rails-mailing-l...@andreas-s.net>
80fd28df7e67cb73bb134f7e9488e254?d=identicon&s=25 C. R. Oldham (Guest)
on 2009-05-05 22:46
(Received via mailing list)
On May 5, 2009, at 2:14 PM, Fernando Perez wrote:
>  Although I have added:
> skip_before_filter :verifiy_authenticity_token

Fernando,

I'm assuming that the above is not a cut-and-paste from the app?
Because "verify" is misspelled.

--cro
059ed46172a087063ce26250e44c8627?d=identicon&s=25 Fernando Perez (fernando)
on 2009-05-06 08:14
> I'm assuming that the above is not a cut-and-paste from the app?
> Because "verify" is misspelled.
Magnificent catch! I would not have been able to spot it by myself!

Thank you Freddy and C.R.O. for your time :)
This topic is locked and can not be replied to.