Reputation: 2091
rails protect_from_forgery raises with exception
I have Rails project which is working on production.
But on localhost it raises on every POST request with ActionController::InvalidAuthenticityToken. I know what is it.
AuthToken is protection from csrf attacks. I have in my application_controller.rb
protect_from_forgery with: :exception #this line raise exception
and csrf_meta_tags present.
I have no any problems in other Rails projects with it.
If I remove param with: :exception session will reset after reloading page.
what is the problem?
Upvotes: 0
Views: 716
Answers (2)
Reputation: 2091
Problem solved!
Project has config in config/environments/development.rb
Rails.application.routes.default_url_options[:host] = 'my_project.dev:3000'
I tried to load project on localhost:3000, but url was my_project.dev:3000.
Upvotes: 1
Related Questions
- Rails: How to implement protect_from_forgery in Rails API mode
- Override the protect_from_forgery strategy in a controller
- protect_from_forgery in Rails 6?
- Why is Rails giving me "Can't verify CSRF token authenticity" error?
- 500 internal server error with protect_from_forgery with: :null_session
- Correct use of protect_from_forgery in Rails app serving Web and API
- Turn on request forgery protection with or witout Rails's protect_from_forgery?
- Rails csrf protection fails sometimes
- Ruby: protect_from_forgery when is it raised?
- Rails 3 protect_from_forgery not working correctly?