well for some strange reason IE gives me and InvalidAuthenticityToken error almost every time a POST query is used. Seems to be that IE does not like the "/" and "=" characters sometimes found in authenticity_token. So I wondered if anyone has actually found a solution to this?
More strange is that no other browser seems to behave that way.
Thanks in advance.
This error can be due to corrupted cookie in your browser. Clear your browsers cache and cookies, restart the browser and try to log in.
When the user submits the form, Rails looks for the authenticity_token , compares it to the one stored in the session, and if they match the request is allowed to continue. Since the authenticity token is stored in the session, the client cannot know its value.
Same problem here with a rails application launched in an iframe I get:
"the change you wanted was rejected"
In log:
ActionController::InvalidAuthenticityToken
Seems that the problem occur in IE when you are developing in an iframe situation where the master page is at a different domain than the inner page. (es: iframed Facebook applications)
This is because IE's default "medium" privacy setting has an issue with cookies in that situation.
A possible solution is to set a P3P header (try to google: p3p iframe internet explorer) Example, in application_controller.rb:
before_filter :set_p3p
def set_p3p
response.headers["P3P"]='CP="CAO PSA OUR"'
end
It works in my case.
Best Regards
Reference: http://duanesbrain.blogspot.com/2007/11/facebook-ie-and-iframes.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With