Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Issue with forgery protection and Rails 3.2 #1

Closed
ghost opened this Issue Dec 3, 2013 · 3 comments

Comments

1 participant
@ghost

ghost commented Dec 3, 2013

Hey @ankane, just a quick issue where I wanted to say thanks for this Gem...I just found it useful for an app I'm working on. Also, I wanted to suggest a README update specific to Rails 3.2.

I had to add an extra line above my controller methods

  skip_before_filter :verify_authenticity_token, only: [:impersonate, :stop_impersonating]

Feel free to drop this line into your README where it makes the most sense. Basically, for Rails 3.2 you have to skip the forgery protection before filters while switching users.

@ghost

ghost commented Dec 3, 2013

Also, for Rails 4, this would be

  skip_before_action :verify_authenticity_token, only: [:impersonate, :stop_impersonating]
Owner

ankane commented Dec 5, 2013

I think this may be related to how your specific routes are setup.

Owner

ankane commented Mar 24, 2014

Cleaning up issues

@ankane ankane closed this Mar 24, 2014

@philoye philoye pushed a commit to philoye/pretender that referenced this issue Apr 30, 2016

@tilthouse tilthouse Merge pull request #1 from hakanensari/patch
Pull in patch
3594402
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment