ActionController::InvalidAuthenticityToken
Opened this issue · 1 comments
Hi. anveo!
I used your github swfupload_demo project in my project. but happened ActionController::InvalidAuthenticityToken.
So. why?
Now i spent to find ActionController::InvalidAuthenticityToken. help me.
my rails version 2.3.4 and using passenger-2.2.5.
my source below is...
require 'rack/utils'
class FlashSessionCookieMiddleware
def initialize(app, session_key = '_session_id')
@app = app
@session_key = session_key
end
def call(env)
if env['HTTP_USER_AGENT'] =~ /^(Adobe|Shockwave) Flash/
params = ::Rack::Request.new(env).params
env['HTTP_COOKIE'] = [ @session_key, params[@session_key] ].join('=').freeze unless params[@session_key].nil?
end
@app.call(env)
end
end
require 'mime/types'
class Fattachment < ActiveRecord::Base
belongs_to :user
has_attached_file :attachment,
:url => "/fattachment/forums/:id/:style/:basename.:extension",
:path => ":rails_root/public/fattachment/forums/:id/:style/:basename.:extension"
validates_attachment_presence :attachment
validates_attachment_size :attachment, :less_than => 1.megabytes
validates_attachment_content_type :attachment, :content_type => ['application/x-bittorrent', 'application/smil', 'text/plain', 'application/pdf', 'application/msword']
def swfupload_file=(data)
data.content_type = MIME::Types.type_for(data.original_filename).to_s
self.attachment = data
end
end
ActionController::Dispatcher.middleware.insert_before(ActionController::Base.session_store, FlashSessionCookieMiddleware, ActionController::Base.session_options[:key])
<% session_key_name = ActionController::Base.session_options[:key] %>
<script type="text/javascript">
var swfu;
// Dom Ready
$(document).ready(function() {
// Setup SWFU object
var settings = {
upload_url: "<%= fattachments_path %>",
flash_url: "/flash/swfupload.swf",
requeue_on_error: false,
post_params: {
'<%=session_key_name %>': '<%= cookies[session_key_name]%>',
'authenticity_token':'<%=form_authenticity_token%>'
},
http_success : [200],
// File Upload Settings
file_size_limit: "1 MB",
file_types: "*.torrent;*.smi;*.smil;*.pdf;*.doc;",
file_types_description: "Image Files",
file_upload_limit : "15",
file_queue_limit : "15",
button_image_url : '/img/file_add_btn.png',
button_width : 78,
button_height : 27,
button_action : SWFUpload.BUTTON_ACTION.SELECT_FILES,
button_cursor : SWFUpload.CURSOR.HAND,
button_placeholder_id : "spanButtonPlaceholder",
button_text : '',
button_text_style : "",
button_text_top_padding :0,
button_text_left_padding : 0,
file_queued_handler: Upload.file_queued,
file_queue_error_handler : Upload.file_queue_error,
file_dialog_complete_handler : Upload.file_dialog_complete,
upload_start_handler: Upload.upload_start,
upload_progress_handler: Upload.upload_progress,
upload_error_handler: Upload.upload_error,
upload_success_handler: Upload.upload_success,
upload_complete_handler: Upload.upload_complete,
upload_successful : false,
debug: false // Set to true to find out why things aren't working
};
swfu = new SWFUpload(settings);
});
</script>
Help me!
Hi, make sure that session data in additional post_params is set correctly!
I had to change this to the following:
post_params: {
'<%= ActionController::Base.session_options[:key] %>': '<%= cookies[ActionController::Base.session_options[:key]] %>',
'authenticity_token': '<%= form_authenticity_token %>'
},
I'm using Rails 2.3.5 and Passenger 2.2.7 – it works great with those settings above.