Ruby on Rails Invalid Authenticity Token when using IE

后端未结

关注

 1  645

well for some strange reason IE gives me and InvalidAuthenticityToken error almost every time a POST query is used. Seems to be that IE does not like the \"/\" and \"=\" charact

相关标签:

1条回答

执笔经年

2021-02-06 06:01
Same problem here with a rails application launched in an iframe I get:

"the change you wanted was rejected"

In log:

ActionController::InvalidAuthenticityToken

Seems that the problem occur in IE when you are developing in an iframe situation where the master page is at a different domain than the inner page. (es: iframed Facebook applications)

This is because IE's default "medium" privacy setting has an issue with cookies in that situation.

A possible solution is to set a P3P header (try to google: p3p iframe internet explorer) Example, in application_controller.rb:
```
before_filter  :set_p3p

def set_p3p
  response.headers["P3P"]='CP="CAO PSA OUR"'
end
```
It works in my case.

Best Regards

Reference: http://duanesbrain.blogspot.com/2007/11/facebook-ie-and-iframes.html
0 讨论(0)
发布评论:

提交评论
- 加载中...