当前位置: 动力学知识库 > 问答 > 编程问答 >

How do i remove the authenticity_token from rails forms

问题描述:

I have worked out how to disable the authenticity_token in the controller but rails still creates the field in the forms. How do i turn this off as the server i am posting the form to needs a very specific set of field names.

网友答案:

In rails after 3.2.x you can pass a parameter into the form generator as suggested in another answer:

form_for @invoice, :url => external_url, :authenticity_token => false do |f|
  ...
<% end %>

In any rails version you can disable globally in config/application.rb, as in another answer:

config.action_controller.allow_forgery_protection = false

In rails 3.0.x you can disable on a page load basis in the controller by overriding the following method. Unfortunately, there seems to be no way to do this at the form level.

protected
  def protect_against_forgery?
    if ...
      # results in the meta tag being ommitted and no forms having authenticity token
      return false 
    else
      # default implementation based on global config
      return allow_forgery_protection 
    end
  end
网友答案:

To disable it across your application, you can add this line to your config/application.rb:

config.action_controller.allow_forgery_protection = false
网友答案:

For external urls you can turn this of per form as follows:

<%= form_for @invoice, :url => external_url, :authenticity_token => false do |f|
  ...
<% end %>

Source: http://apidock.com/rails/ActionView/Helpers/FormHelper/form_for

网友答案:

Have you try something like this : api rails

分享给朋友:
您可能感兴趣的文章:
随机阅读: