Rails简单forms给出了InvalidAuthenticityToken错误
我有一个这样的简单forms:
和这种方法的控制器:
def busca puts params[:searchText] end
当我单击表单中的图像按钮时,我得到一个ActionController :: InvalidAuthenticityToken。 这是完整的StackTrace:
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/request_forgery_protection.rb:86:in
verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
发送’/Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:inevaluate_method' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:166:in
verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
/verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
evaluate_method' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:166:in
调用’/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:225:incall' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
run_before_filters’/Librarycall' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
Rubycall' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
Gemscall' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
1.8call' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
gemscall' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
actionpack-2.2.2call' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
libcall' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
action_controller /filters.rb:615:incall_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:610:in
actionpack-call_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:610:in
filters.rb:610:call_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:610:in
perform_action_without_benchmark’/call_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:610:in
/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:inperform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
Libraryperform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
Rubyperform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
Gemsperform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
1.8perform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
gemsperform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
actionpack-2.2.2perform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
lperform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
perform_action_without_caching' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/caching/sql_cache.rb:13:in
perform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
perform_action_without_caching' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/caching/sql_cache.rb:13:in
perform_action’perform_action_without_caching' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/caching/sql_cache.rb:13:in
/ query_cache.rb:34:在cache' /Library/Ruby/Gems/1.8/gems/activerecord-2.2.2/lib/active_record/query_cache.rb:8:in
cache’/Library/Ruby/Gems/1.8/gems/ actionpack-2.2.2 / lib / action_controller / caching / sql_cache.rb:12:inperform_action' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:524:in
/ Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:524:in send ‘/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:524:inprocess_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:in
/process_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:in
/process_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:in
/process_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:in
/process_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:in
process_without_session_management_support’/process_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:in
ion_controller / session_management.rb:134:process' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:392:in
process’/Library/Ruby/Gems/1.8/ gems / rails-2.2.2 / lib / webrick_server.rb:74:inservice' /Library/Ruby/Gems/1.8/gems/rails-2.2.2/lib/commands/servers/webrick.rb:66 /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
Ruby/Gems/1.8/gems/rails-2.2.2/lib/commands/servers/webrick.rb:66service' /Library/Ruby/Gems/1.8/gems/rails-2.2.2/lib/commands/servers/webrick.rb:66 /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
require’service' /Library/Ruby/Gems/1.8/gems/rails-2.2.2/lib/commands/servers/webrick.rb:66 /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
。 rb:521:innew_constants_in' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
:new_constants_in' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
:innew_constants_in' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
2.2.2 / LIB /命令/ server.rb:49
怎么了?
默认情况下,所有非GET操作都要求将真实性令牌与请求一起传递。 Rails使用真实性令牌来避免CSRF攻击。
确保它始终存在的最简单方法是使用form_tag
帮助程序而不是手动编写HTML。
<% form_tag "/home/search", :name => "searchForm" do %> fields here <% end %>
沿着Nat的路线,加入
<%= token_tag %>
就在HTML“form”标签工作之后
如果您不使用帮助程序生成表单标记,则可以使用真实性标记手动生成隐藏字段:
如上所述,使用表单助手可以正常工作。
由于这是一个搜索表单,该方法实际上应该是’get’。 通常,除非数据库中的某些内容发生变化,否则应使用“get”。
对搜索表单使用method =’get’也是更友好的书签/后退按钮。
protect_from_forgery:only => [:create,:update,:destroy]将为您节省一些麻烦:)(在您的Controller类中)