从 API 接收 POST 请求时出现 Rails CSRF 问题
[英]Rails CSRF issue on receiving POST request from API
问题描述
I am working on Rails application which interacts with the API.
我正在研究与 API 交互的 Rails 应用程序。 Now there is a step that the API will send the POST request to the application and I tried saving the returned data to the database.现在有一个步骤是 API 将向应用程序发送 POST 请求,我尝试将返回的数据保存到数据库中。 But it looks like the application does not accept the data and return 422 : Unprocessable Entity但看起来应用程序不接受数据并返回 422 : Unprocessable Entity
Here is the error message from the log file这是日志文件中的错误消息
W, [2016-02-29T12:21:54.865291 #22727] WARN -- : Can't verify CSRF token authenticity
I, [2016-02-29T12:21:54.865839 #22727] INFO -- : Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms)
F, [2016-02-29T12:21:54.870852 #22727] FATAL -- :
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
actionpack (4.2.4) lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'
actionpack (4.2.4) lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
actionpack (4.2.4) lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'
I also tried disabling the CSRF我也尝试禁用 CSRF
class MyController < ApplicationController
skip_before_action :verify_authenticity_token
end
But it still doesn't work.但它仍然不起作用。
Please help me get through this.请帮我解决这个问题。 I have been struggling with this issue for three days.我已经为这个问题苦苦挣扎了三天。
1 个解决方案
解决方案1
0 2016-03-02 18:23:56
你可以试试这个
protect_from_forgery with: :null_session, if: Proc.new { |c| c.request.format == 'application/json' }
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.