Reputation: 1133
Rails not sending session cookies to JSON request
I am using Rails 3.2.8. I want to access a record from the application do some processing and return the results in the form of a modified record. I am doing this through json requests to the controller. It is working properly, but I get CSRF warnings when I post the update (of course). I thought to remove these by storing the session cookie from the original request and using when doing the post. (This also seems like a good security practice).
The problem is that a session cookie is not being sent. I have tried using HTTParty and RestClient gems. When I make the request in the browser (using RESTClient plugin for firefox) the cookies are sent. I presume that this is the expected behavior as cookies ought to be sent to browsers.
Is there a way to get the cookie to be sent to a script?
Is it correct to do so? and if not how should I be approaching this?
Upvotes: 0
Views: 1310
Answers (1)
Reputation: 11876
Please check the authenticity_token goes in the parameters or not. I had faced the similar issue like this in past.
If authenticity_token is not passed in parameter, add in your form form_authenticity_token helper.
or
In your controller
skip_before_filter :verify_authenticity_token
I think this mights helps you.
Upvotes: 3
Related Questions
- Sending cookie in XHR response but it's not getting stored?
- Sending HTTPOnly cookie in response using Rails API application
- Rails 4 sessions cookie is not set
- Rails Set-Cookie on json API response
- How to send header and cookies with rest-client gem
- Creating Cookies while rendering JSON
- Ruby RestClient post request with cookies
- Issue with setting/getting cookies in Rails 4?
- Rails Cookie Setting Problems
- session cookie httponly false rails 3.1