Rails:CSRF令牌无法正常工作但设置正常
我在heroku上有我的rails 3应用程序,当我发送银行信息时,我得到: WARNING: Can't verify CSRF token authenticity但我的CSRF令牌已设置。 https://gist.github.com/anonymous/7081401
$.ajax({ url: '#{credit_cards_path}', type: 'POST', beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', '#{form_authenticity_token}')}, dataType: "json", data: { cc_uri: response.data.uri, address: $('.address').val() // etc ... }, success: function(randomobject) { window.location = '/products/' + randomobject.value + '/receipt'; } });
heroku日志
829962+00:00 app[web.1]: Started POST "/products/2/card" for 100.2.109.97 at 2013-10-21 09:13:03 +0000 835379+00:00 app[web.1]: WARNING: Can't verify CSRF token authenticity 834929+00:00 app[web.1]: Processing by CreditcardsController#addcard as HTML 834929+00:00 app[web.1]: Parameters: {"state"=>"NY", "id"=>"2"} 604099+00:00 heroku[router]: at=info method=POST path=/products/2/card host=app.herokuapp.com fwd="100.2.109.97" dyno=web.1 connect=1ms service=1781ms status=500 bytes=643 604259+00:00 app[web.1]: 602739+00:00 app[web.1]: Completed 500 Internal Server Error in 1768ms 604259+00:00 app[web.1]: Balanced::BadRequest (Balanced::BadRequest(400)::Bad Request:: POST https://api.balancedpayments.com/v1/customers: request: Invalid field [card_uri] - "None" must be a string URI Your request id is OHMfe86f2883a3011e3980d02a1fe53e539. ):
可能与你使用#{form_authenticity_token}
根据此源警告:无法validationCSRF令牌真实性rails您应该能够使用此代码:
headers: { 'X-Transaction': 'POST Example', 'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content') },