-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSRF Token not valid after refresh_dom_with_partial #11
Comments
The Rails-4 autogenerated CSRF-Token metadata in the header looks like this:
Maybe the json response should contain a meta-tags dictionary:
|
The "Can't verify CSRF token authenticity" happens sometimes in some POST requests. I have witnessed it in some automated tests, so it is fully reproducible. I did not have time yet to investigate it further, as it did not seem to alter rails-ajax behavior. However it is the first time I see a 422 HTTP error linked to it. Are you using Devise for your authentication mechanism? As a temporary work-around you can specify to not use rails-ajax for the link or form giving this error by using the |
No, I'm using the rails 4 native I have a fixed forked version: https://github.com/S0lll0s/rails-ajax/tree/master/lib/rails-ajax I also found that it didn't work with "regular" form submission (via |
Thanks a lot for your contribution! I will have a look at it soon, add specific tests for it, merge it and deliver a new rails-ajax version (should be beginning of June). |
Did you have a chance to test using the fixed forked version on I did not have time yet to merge the fix. Still in the pipe. On Sat, Aug 16, 2014 at 3:43 AM, Fabio (f1f5) notifications@github.com
Muriel Salvan http://muriel.x-aeon.com |
When I log out and log in without changing the main action again, I get a 422 error:
RailsAjax call failed with error 422 (OK): undefined - undefined
The console shows this:
The login form is in a partial (
userbar
) in the layout and gets updated like this when logging out:refresh_dom_with_partial('aside#userbar', "userbar")
The text was updated successfully, but these errors were encountered: