ruby on rails - CSRF token authencity for sub controller -


i getting csrf warning (resetting session) in rails apps whenever post api_controller.rb.

my app run on iframe in phonegap windows phone 8 , in application_controller, have p3p header solve problem. doesn't seem work in case. p3p not there...? has encountered this?

class applicationcontroller < actioncontroller::base  protect_from_forgery before_filter :header_fix  protected   def header_fix     headers['p3p'] = 'cp="all dsp cor cura adma deva our ind com nav"'   end end     class api::apicontroller < applicationcontroller before_filter :login_required  skip_before_filter :detect_device skip_before_filter :detect_browser skip_before_filter :record_log  skip_before_filter :assign_packages skip_before_filter :assign_daily_bonus  end   [2646 - 2013/04/05 13:04:23] (info) started post "/api/chests" 60.50.19.249 @ 2013-04-05 13:04:23 +0800 [2646 - 2013/04/05 13:04:23] (info) processing api::chestscontroller#create */* [2646 - 2013/04/05 13:04:23] (info)   parameters: {"force_new"=>"true"} [2646 - 2013/04/05 13:04:23] (warn) warning: can't verify csrf token authenticity [2646 - 2013/04/05 13:04:23] (info) user agent: mozilla/5.0 (compatible; msie 10.0; windows phone 8.0; trident/6.0; iemobile/10.0; arm; touch; nokia; lumia 920) [2646 - 2013/04/05 13:04:23] (debug)   user load (4.5ms)  select `users`.* `users` `users`.`id` null limit 1 [2646 - 2013/04/05 13:04:23] (debug)   keypackage load (1.2ms)  select `packages`.* `packages` `packages`.`type` in ('keypackage') order cost [2646 - 2013/04/05 13:04:23] (debug)   cache (0.0ms)  select `users`.* `users` `users`.`id` null limit 1 [2646 - 2013/04/05 13:04:23] (debug)   cache (0.0ms)  select `users`.* `users` `users`.`id` null limit 1 [2646 - 2013/04/05 13:04:23] (warn) lost session [60.50.19.249] (/api/chests) - mozilla/5.0 (compatible; msie 10.0; windows phone 8.0; trident/6.0; iemobile/10.0; arm; touch; nokia; lumia 920)

this gem works ruby on rails (https://github.com/grosser/ie_iframe_cookies). solves problem.

even though p3p header valid , user can login, not sure why ie10 this.


Comments

Post a Comment

Popular posts from this blog

monitor web browser programmatically in Android? -

i've got tricky question here. need users make payment bank (namely barclaycard) in uk. so, have https url , add parameters (such amount pay, order reference, etc) url, start http connection intent.actionview, redirect user browser can enter credit card details on bank's webpage , make payment our account successfully. far ? the code use below (i changed values privacy reasons) problem is, need app when user has completed/failed/cancelled payment. barclaycardautomatically redirects particular url when payment has succeeded, 1 if failed. there no way of knowing when barclaycard payment has succeeded go android app somehow ? button cardbutton = (button) findviewbyid(r.id.card_button); cardbutton.setonclicklistener(new view.onclicklistener() { @override public void onclick(view arg0) { string prehashstring = new string(); string prohashstring = new string(); string shapassphrase = new string(); shapassphrase = "gsvth£h70zkh...
Read more

Shrink a YouTube video to responsive width -

i have youtube video embedded on our website , when shrink screen tablet or phone sizes stops shrinking @ around 560px in width. standard youtube videos or there can add code make go smaller? you can make youtube videos responsive css. wrap iframe in div class of "videowrapper" , apply following styles: .videowrapper { float: none; clear: both; width: 100%; position: relative; padding-bottom: 56.25%; padding-top: 25px; height: 0; } .videowrapper iframe { position: absolute; top: 0; left: 0; width: 100%; height: 100%; } the .videowrapper div should inside responsive element. padding on .videowrapper necessary keep video collapsing. may have tweak numbers depending upon layout.
Read more

wpf - PdfWriter.GetInstance throws System.NullReferenceException -

i'm trying create pdf document using itextsharp 5.3.4 using following document document = new document(); filestream stm = new filestream(filename, filemode.create); pdfwriter writer = pdfwriter.getinstance(document, stm); i'm getting system.nullreferenceexception following stack trace: system.nullreferenceexception occurred hresult=-2147467261 message=la référence d'objet n'est pas définie à une instance d'un objet. source=itextsharp stacktrace: à itextsharp.text.version.getinstance() innerexception: i've verified neither document nor stm null, , if select "continue" in vs12 document created - exception thrown. updated itextsharp 5.4.0 , it's still occurring. can't find information on anywhere - got ideas? make sure not catching exceptions. nullreferenceexception can 1 caught , handled inside itextsharp, don't care it. fact can continue supports theory. change following setting verify: debug -> exceptions ...
Read more