Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Rails Rpec InvalidCrossOriginRequest

Tags:

ruby-on-rails

xss

rspec

I have a test in rspec for a destroy that returns the following:

ActionController::InvalidCrossOriginRequest: Security warning: an embedded <script> tag on another site requested protected JavaScript. If you know what you're doing, go ahead and disable forgery protection on this action to permit cross-origin JavaScript embedding.

I can run the destroy just fine thru the UI but when it gets tested I get the above warning. Why is that?

like image 241
stackjlei Avatar asked Oct 20 '25 06:10

stackjlei

1 Answers

Is your destroy request supposed to be an AJAX request? If so, you can assign the xhr option to true.

get some_path, xhr: true
like image 112
mridula Avatar answered Oct 21 '25 19:10

mridula
Sign in to Comment

Related questions

Rails select distinct association from collection

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!