Hi, I just created a new Rails app that will be receiving some POSTed data from the outside so it must skip the verify_authenticity_token for some create actions. Although I have added: skip_before_filter :verifiy_authenticity_token I still get InvalidAuthenticityToken. In one of my other Rails app (created back in Rails 1.2.6 and updated to 2.3.2 over time) this skipping works perfectly though, has anything changed since? Do I need to do anything more? Thanks.
on 2009-05-05 22:14
on 2009-05-05 22:39
can you try protect_from_forgery :except => [ :create, :other_task ] On May 5, 1:14 pm, Fernando Perez <rails-mailing-l...@andreas-s.net>
on 2009-05-05 22:46
On May 5, 2009, at 2:14 PM, Fernando Perez wrote: > Although I have added: > skip_before_filter :verifiy_authenticity_token Fernando, I'm assuming that the above is not a cut-and-paste from the app? Because "verify" is misspelled. --cro
on 2009-05-06 08:14
> I'm assuming that the above is not a cut-and-paste from the app? > Because "verify" is misspelled. Magnificent catch! I would not have been able to spot it by myself! Thank you Freddy and C.R.O. for your time :)