Instead of just filling out the form in HTML it should also be possible to just send a post request containing the params.. Is it possible to turn off the authenticity token if, for example, the Accept flag is set to 'application/JSON' in the HTTP header?
I know there is a way to turn it off for a controller or an action. Not sure about the content type. Wouldn't it be easier to just add the authenticity token to every json request? There are quite few articles around the web how to do it (for example here and here).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With