使用IE时Ruby on Rails无效的真实性令牌
由于某种奇怪的原因,IE几乎每次使用POST查询时都会给我和InvalidAuthenticityToken错误.似乎IE不喜欢有时在authenticity_token中找到的"/"和"="字符.所以我想知道是否有人真的找到了解决方案?
well for some strange reason IE gives me and InvalidAuthenticityToken error almost every time a POST query is used. Seems to be that IE does not like the "/" and "=" characters sometimes found in authenticity_token. So I wondered if anyone has actually found a solution to this?
更奇怪的是,似乎没有其他浏览器具有这种行为.
More strange is that no other browser seems to behave that way.
谢谢.
在iframe中启动的Rails应用程序在这里出现了同样的问题:
Same problem here with a rails application launched in an iframe I get:
您想要的更改被拒绝"
"the change you wanted was rejected"
在日志中:
ActionController :: InvalidAuthenticityToken
ActionController::InvalidAuthenticityToken
当您在母版页与内部页位于不同域的iframe情况下进行开发时,似乎在IE中出现了问题. (例如:iframed Facebook应用程序)
Seems that the problem occur in IE when you are developing in an iframe situation where the master page is at a different domain than the inner page. (es: iframed Facebook applications)
这是因为在这种情况下,IE的默认中"隐私设置与cookie无关.
This is because IE's default "medium" privacy setting has an issue with cookies in that situation.
一个可能的解决方案是设置P3P标头(尝试使用Google:p3p iframe Internet Explorer) 例如,在application_controller.rb中:
A possible solution is to set a P3P header (try to google: p3p iframe internet explorer) Example, in application_controller.rb:
before_filter :set_p3p
def set_p3p
response.headers["P3P"]='CP="CAO PSA OUR"'
end
在我的情况下有效.
最好的问候
参考: http://duanesbrain.blogspot.com/2007/11/facebook-ie-and-iframes.html