我想通过互联网限制api对api的json请求。它做了什么?
# config/initializers/devise.rb
config.http_authenticatable_on_xhr = false
config.navigational_formats = ["*/", :html, :json]
答案 0 :(得分:1)
从设计文档中
config.http_authenticatable_on_xhr = true
If http headers should be returned for AJAX requests. True by default.
config.navigational_formats = [“ / ”,:html,:json]
==> Navigation configuration
Lists the formats that should be treated as navigational. Formats like
:html, should redirect to the sign in page when the user does not have
access, but formats like :xml or :json, should return 401.
If you have any extra navigational formats, like :iphone or :mobile, you
should add them to the navigational formats lists.
The :"*/*" and "*/*" formats below is required to match Internet
Explorer requests.