Reputation: 1762
I want to grant users access to my API (hosted on heroku.com) from their sites. But a strange problem occurs when I want to allow them to post to the API:
When data is sent from a correct form with the correct action URL (e.g. "http://myapp.com/projects/123/tasks/321/todos") - the params get serialized and sent via jQuery - I encounter an "ActionController::MethodNotAllowed" with the additional info: "Only get and post requests are allowed", that re-routes to ApplicationController#index with :method => :options.
Rails doesn't extract the params for project_id (123) and task_id (321) from the URL, nor are any further request_parameters, path_parameters or query_parameters available.
This behaviour occurs when I POST from external sites, but doesn't occur when posting from an HTML page on my local machine. My first thought was about wrong encoding, but how do I fix that problem?
Edit: I am using authlogic (not devise :-D) and for the :create action the protect_from_forgery is already skipped.
Any suggestions appreciated
Upvotes: 1
Views: 313
Reputation: 1762
The problem occurred due to the cross-domain policy - the request was made from another domain - and because I was using a recent browser that supports CORS, it was sending an OPTIONS request first to find out from the server which actions are allowed for this domain.
Upvotes: 0
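The preflight exchange described in the answer above, as an added example that is not part of the original posts: a Rack-compatible middleware in plain Ruby (no gems) that answers the browser's OPTIONS preflight for an allowlist of origins before the request reaches the Rails router. The names CorsPreflight, DEMO_APP and DEMO_STACK, the allowed header list, and the origin https://partner.example are assumptions made for illustration.

```ruby
# Added example: minimal Rack-compatible CORS middleware (plain Ruby, no gems).
# CorsPreflight and every value below are hypothetical, chosen for illustration.
class CorsPreflight
  ALLOWED_METHODS = "GET, POST, OPTIONS".freeze
  ALLOWED_HEADERS = "Content-Type, X-Requested-With".freeze

  def initialize(app, allowed_origins)
    @app = app
    @allowed_origins = allowed_origins
  end

  def call(env)
    origin = env["HTTP_ORIGIN"]
    # Requests without an Origin header, or from an origin that is not on
    # the allowlist, pass through untouched and receive no CORS grant.
    return @app.call(env) unless origin && @allowed_origins.include?(origin)

    if preflight?(env)
      # Answer the preflight here so it never reaches the router and no
      # MethodNotAllowed is raised for the OPTIONS verb.
      headers = cors_headers(origin).merge(
        "access-control-allow-methods" => ALLOWED_METHODS,
        "access-control-allow-headers" => ALLOWED_HEADERS,
        "access-control-max-age" => "600"
      )
      return [204, headers, []]
    end

    status, headers, body = @app.call(env)
    [status, headers.merge(cors_headers(origin)), body]
  end

  private

  def preflight?(env)
    env["REQUEST_METHOD"] == "OPTIONS" && env.key?("HTTP_ACCESS_CONTROL_REQUEST_METHOD")
  end

  def cors_headers(origin)
    # Echo only the allowlisted origin, never "*"; Vary stops caches from
    # serving this response to a different origin.
    { "access-control-allow-origin" => origin, "vary" => "Origin" }
  end
end

# Constructed demo app and stack (sample values, not from the page).
DEMO_APP = ->(_env) { [201, { "content-type" => "text/plain" }, ["created"]] }
DEMO_STACK = CorsPreflight.new(DEMO_APP, ["https://partner.example"])
```

In a Rails application a middleware like this would be registered ahead of the router, for example with `config.middleware.insert_before 0, CorsPreflight, ["https://partner.example"]`.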
Reputation: 17257
Okay. I'll try and answer the right question this time (see other comment).
So I've thought about this, and I'm wondering, is this a case of the jQuery call attempting a PUT request? When you use the local form, Rails will POST the data, but add the extra _method field to emulate a PUT.
Don't know if you are using jquery-rails, but this takes care of setting the _method parameter, and the PUT/POST verb translation for you in your AJAX calls.
Upvotes: 0
Reputation: 16015
I guess that happens because Rails tries to protect your form from CSRF attacks.
You can comment out the protect_from_forgery line in your ApplicationController to test it.
But I'm not sure if that's the right way of dealing with this issue in the production environment.
Upvotes: 0