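WARNING: Can't verify CSRF token authenticity with CKEditor image upload

Time: 2013-05-28 23:42:12

Tags: ruby-on-rails-3 ckeditor carrierwave

When I try to upload an image using CKEditor, I get the error WARNING: Can't verify CSRF token authenticity along with the following: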

Started POST "/ckeditor/attachment_files?CKEditor=blog_entry_body&CKEditorFuncNum=1&langCode=en" for 127.0.0.1 at 2013-05-28 18:38:57 -0500
Processing by Ckeditor::AttachmentFilesController#create as HTML
Parameters: {"upload"=>#<ActionDispatch::Http::UploadedFile:0x0000000231fef0 @original_filename="me.jpg", @content_type="image/jpeg", @headers="Content-Disposition: form-data; name=\"upload\"; filename=\"me.jpg\"\r\nContent-Type: image/jpeg\r\n", @tempfile=#<Tempfile:/tmp/RackMultipart20130528-13870-17wbprr>>, "CKEditor"=>"blog_entry_body", "CKEditorFuncNum"=>"1", "langCode"=>"en"}
WARNING: Can't verify CSRF token authenticity
User Load (0.4ms)  SELECT "users".* FROM "users" WHERE "users"."remember_token" = 'M96bQAv-NGdidsn7hypOJA' LIMIT 1
(0.1ms)  BEGIN
(0.2ms)  ROLLBACK
Rendered text template (0.0ms)
Completed 200 OK in 7ms (Views: 0.8ms | ActiveRecord: 0.7ms)

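It looks like it is happening in Ckeditor::AttachmentFilesController#create. But when I installed the CKEditor gem, I didn't see this controller get generated. I found in another post that I have to skip_before_filter :verify_authenticity_token, but like I said, I don't see Ckeditor::AttachmentFilesController#create.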

1 answer:

Answer 0: (score: 2)

If you are using the ckeditor gem, you can find the controllers here:

https://github.com/galetahub/ckeditor/tree/master/app/controllers/ckeditor

However, it looks like their config.js has a solution for CSRF that, IMHO, is better than doing a skip_before_filter in the controller. See config.js:

https://github.com/galetahub/ckeditor/blob/master/app/assets/javascripts/ckeditor/config.js
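
The approach the answer prefers, sending the CSRF token with the upload request instead of skipping verification, sketched as an added example; this is not the gem's config.js or the answerer's code. It assumes the page layout renders Rails' csrf_meta_tags; the function names and the token value are constructed for illustration.

```javascript
// Added example: send the Rails CSRF token with the CKEditor upload POST.
// Assumes the layout calls csrf_meta_tags; all function names are hypothetical.

// Read the token from meta elements (or any {name, content} objects).
function csrfParamsFromMetas(metas) {
  let param, token;
  for (const meta of Array.from(metas)) {
    if (meta.name === 'csrf-param') param = meta.content;
    if (meta.name === 'csrf-token') token = meta.content;
  }
  // With either tag missing, send nothing rather than a half-formed parameter.
  return param && token ? { [param]: token } : {};
}

// Append parameters to a URL, keeping its existing query string and fragment.
function addQueryParams(url, params) {
  const hashAt = url.indexOf('#');
  const fragment = hashAt === -1 ? '' : url.slice(hashAt);
  let base = hashAt === -1 ? url : url.slice(0, hashAt);
  for (const [key, value] of Object.entries(params)) {
    // Tokens are base64: '+', '/' and '=' must be percent-encoded, or '+' is read as a space.
    base += (base.includes('?') ? '&' : '?') +
      encodeURIComponent(key) + '=' + encodeURIComponent(value);
  }
  return base + fragment;
}

// Attach the token only to same-origin endpoints so it never reaches another host.
function csrfUploadUrl(url, metas, pageOrigin) {
  if (new URL(url, pageOrigin).origin !== new URL(pageOrigin).origin) return url;
  return addQueryParams(url, csrfParamsFromMetas(metas));
}

// Constructed sample input standing in for the page's <meta> tags.
const sampleMetas = [
  { name: 'viewport', content: 'width=device-width' },
  { name: 'csrf-param', content: 'authenticity_token' },
  { name: 'csrf-token', content: 'CONSTRUCTED+token/value==' },
];

// In a browser: csrfUploadUrl(url, document.getElementsByTagName('meta'), location.origin)
console.log(csrfUploadUrl(
  '/ckeditor/attachment_files?CKEditor=blog_entry_body&CKEditorFuncNum=1&langCode=en',
  sampleMetas, 'http://localhost:3000'));
```

Rails also accepts the token in a hidden form field or in the X-CSRF-Token request header, either of which keeps it out of URLs and access logs.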