Why does destroy action trigger HTTP authentication in Production in Rails 3?

Question

Screenshot of what happens when I press \'delete\': http://twitpic.com/4mljuy

This is what I see in my production.log:

Started POST \"/clients/1\" fo         


        

Answer 1

You probably have a before filter on the application controller or on your controller with basic auth requested.

Or, do you have any gems for authenication?

Answer 2

Update to the latest jquery ujs driver which includes the CSRF token in each request to prevent your session from being reset since the changes in 3.0.4.