Rails ActionController :: InvalidAuthenticityToken错误Heroku

时间:2014-03-21 14:36:48

标签: ruby-on-rails heroku

在最近部署之后,在Heroku上运行应用程序时,我遇到了解决以下错误的问题:

ActionController :: InvalidAuthenticityToken

在以下情况发生:登录/退出并提交表单时,大约75%的时间都会出现错误消息。

它与csrf /真实性令牌有关,但是一切都工作得很好,在开发中没有问题。

<%= csrf_meta_tags%>和authenticity_tokens包含在表格中。

这怎么会突然发生?

heroku日志

 2014-03-22T12:19:27.996333+00:00 app[web.2]:   bin/rails:4:in `require'
2014-03-22T12:19:27.996335+00:00 app[web.2]:   bin/rails:4:in `<main>'
2014-03-22T12:19:27.996354+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/abstract_controller/ca
llbacks.rb:17:in `process_action'
2014-03-22T12:19:27.996360+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/noti
fications/instrumenter.rb:20:in `instrument'
2014-03-22T12:19:27.996368+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/abstract_controller/ba
se.rb:136:in `process'
2014-03-22T12:19:27.996336+00:00 app[web.2]:
2014-03-22T12:19:27.996362+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/noti
fications.rb:159:in `instrument'
2014-03-22T12:19:27.996378+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/routin
g/route_set.rb:80:in `call'
2014-03-22T12:19:27.996355+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/rescue.rb:29:in `process_action'
2014-03-22T12:19:27.996337+00:00 app[web.2]:
2014-03-22T12:19:27.996283+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/cach
e/strategy/local_cache.rb:83:in `call'
2014-03-22T12:19:27.996277+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/rack/logger.rb:20:
in `call'
2014-03-22T12:19:27.996341+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/request_forgery_protection.
rb:163:in `handle_unverified_request'
2014-03-22T12:19:27.996239+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/conditionalget.rb:35:in
 `call'
2014-03-22T12:19:27.996275+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/tagg
ed_logging.rb:67:in `tagged'
2014-03-22T12:19:27.996363+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/instrumentation.rb:30:in `process_action'
2014-03-22T12:19:27.996399+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/cookies.rb:486:in `call'
2014-03-22T12:19:27.996338+00:00 app[web.2]:
2014-03-22T12:19:27.996357+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/instrumentation.rb:31:in `block in process_action'
2014-03-22T12:19:27.996384+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/journe
y/router.rb:59:in `call'
2014-03-22T12:19:27.996297+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/connection.rb:84:in `pr
e_process'
2014-03-22T12:19:27.996344+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/request_forgery_protection.rb:170:in `handle_unverified_request'
2014-03-22T12:19:27.996251+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activerecord-4.0.3/lib/active_record/query_
cache.rb:36:in `call'
2014-03-22T12:19:27.996280+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/methodoverride.rb:21:in
 `call'
2014-03-22T12:19:27.996387+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/etag.rb:23:in `call'
2014-03-22T12:19:27.996340+00:00 app[web.2]: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthen
ticityToken):
2014-03-22T12:19:27.996365+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/params_wrapper.rb:245:in `process_action'
2014-03-22T12:19:27.996358+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/noti
fications.rb:159:in `block in instrument'
2014-03-22T12:19:27.996400+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activerecord-4.0.3/lib/active_record/query_
cache.rb:36:in `call'
2014-03-22T12:19:27.996305+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/backends/base.rb:73:in
`start'
2014-03-22T12:19:27.996294+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/connection.rb:86:in `bl
ock in pre_process'
2014-03-22T12:19:27.996349+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/request_forgery_protection.rb:177:in `verify_authenticity_token'
2014-03-22T12:19:27.996268+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/show_exceptions.rb:30:in `call'
2014-03-22T12:19:27.996292+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/content_length.rb:14:in
 `call'
2014-03-22T12:19:27.996403+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/callbacks.rb:29:in `block in call'
2014-03-22T12:19:27.996410+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/callbacks.rb:27:in `call'
2014-03-22T12:19:27.996411+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/remote_ip.rb:76:in `call'
2014-03-22T12:19:27.996372+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/abstract_controller/re
ndering.rb:44:in `process'
2014-03-22T12:19:27.996376+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l.rb:231:in `block in action'
2014-03-22T12:19:27.996418+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/tagg
ed_logging.rb:67:in `block in tagged'
2014-03-22T12:19:27.996422+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/rack/logger.rb:20:
in `call'
2014-03-22T12:19:27.996391+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/params_parser.rb:27:in `call'
2014-03-22T12:19:27.996402+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activerecord-4.0.3/lib/active_record/connec
tion_adapters/abstract/connection_pool.rb:626:in `call'
2014-03-22T12:19:27.996423+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/request_id.rb:21:in `call'
2014-03-22T12:19:27.996435+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/application.rb:97:
in `call'
2014-03-22T12:19:27.996432+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/ssl.rb:24:in `call'
2014-03-22T12:19:27.996437+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/content_length.rb:14:in
 `call'
2014-03-22T12:19:27.996394+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/session/abstract/id.rb:
225:in `context'
2014-03-22T12:19:27.996412+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/debug_exceptions.rb:17:in `call'
2014-03-22T12:19:27.996450+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/handler/thin.rb:16:in `
run'
2014-03-22T12:19:27.996445+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/eventmachine-1.0.3/lib/eventmachine.rb:187:
in `run_machine'
2014-03-22T12:19:27.996446+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/eventmachine-1.0.3/lib/eventmachine.rb:187:
in `run'
2014-03-22T12:19:27.996397+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/session/abstract/id.rb:
220:in `call'
2014-03-22T12:19:27.996449+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/server.rb:162:in `start
'
2014-03-22T12:19:27.996453+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/commands/server.rb
:84:in `start'
2014-03-22T12:19:27.996463+00:00 app[web.2]:
2014-03-22T12:19:27.996452+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/server.rb:264:in `start
'
2014-03-22T12:19:27.996414+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/show_exceptions.rb:30:in `call'
2014-03-22T12:19:27.996274+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/tagg
ed_logging.rb:25:in `tagged'
2014-03-22T12:19:27.996459+00:00 app[web.2]:   bin/rails:4:in `require'
2014-03-22T12:19:27.996457+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/commands.rb:71:in
`<top (required)>'
2014-03-22T12:19:27.996425+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/methodoverride.rb:21:in
 `call'
2014-03-22T12:19:27.996303+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/eventmachine-1.0.3/lib/eventmachine.rb:187:
in `run'
2014-03-22T12:19:27.996366+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activerecord-4.0.3/lib/active_record/railti
es/controller_runtime.rb:18:in `process_action'
2014-03-22T12:19:27.996375+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l/rack_delegation.rb:13:in `dispatch'
2014-03-22T12:19:27.996351+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/call
backs.rb:377:in `_run__3606036784356827589__process_action__callbacks'
2014-03-22T12:19:27.996448+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/backends/base.rb:73:in
`start'
2014-03-22T12:19:27.996290+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/application.rb:97:
in `call'
2014-03-22T12:19:27.996307+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/server.rb:162:in `start
'
2014-03-22T12:19:27.996373+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_controller/meta
l.rb:195:in `dispatch'
2014-03-22T12:19:27.996382+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/journe
y/router.rb:71:in `block in call'
2014-03-22T12:19:27.996352+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/call
backs.rb:80:in `run_callbacks'
2014-03-22T12:19:27.996302+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/eventmachine-1.0.3/lib/eventmachine.rb:187:
in `run_machine'
2014-03-22T12:19:27.996308+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/handler/thin.rb:16:in `
run'
2014-03-22T12:19:27.996404+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/call
backs.rb:373:in `_run__2997722282201691042__call__callbacks'
2014-03-22T12:19:27.996419+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/tagg
ed_logging.rb:25:in `tagged'
2014-03-22T12:19:27.996381+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/routin
g/route_set.rb:48:in `call'
2014-03-22T12:19:27.996386+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/routin
g/route_set.rb:680:in `call'
2014-03-22T12:19:27.996434+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/engine.rb:511:in `
call'
2014-03-22T12:19:27.996444+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/connection.rb:39:in `re
ceive_data'
2014-03-22T12:19:27.996379+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/routin
g/route_set.rb:80:in `dispatch'
2014-03-22T12:19:27.996405+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/call
backs.rb:80:in `run_callbacks'
2014-03-22T12:19:27.996383+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/journe
y/router.rb:59:in `each'
2014-03-22T12:19:27.996388+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/conditionalget.rb:35:in
 `call'
2014-03-22T12:19:27.996390+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/head.rb:11:in `call'
2014-03-22T12:19:27.996462+00:00 app[web.2]:
2014-03-22T12:19:27.996421+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/tagg
ed_logging.rb:67:in `tagged'
2014-03-22T12:19:27.996415+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/rack/logger.rb:38:
in `call_app'
2014-03-22T12:19:27.996417+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/rack/logger.rb:20:
in `block in call'
2014-03-22T12:19:27.996393+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/flash.rb:241:in `call'
2014-03-22T12:19:27.996429+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/actionpack-4.0.3/lib/action_dispatch/middle
ware/static.rb:64:in `call'
2014-03-22T12:19:27.996431+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/sendfile.rb:112:in `cal
l'
2014-03-22T12:19:27.996442+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/connection.rb:53:in `pr
ocess'
2014-03-22T12:19:27.996427+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/rack-1.5.2/lib/rack/runtime.rb:17:in `call'

2014-03-22T12:19:27.996438+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/connection.rb:86:in `bl
ock in pre_process'
2014-03-22T12:19:27.996454+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/commands.rb:76:in
`block in <top (required)>'
2014-03-22T12:19:27.996428+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/activesupport-4.0.3/lib/active_support/cach
e/strategy/local_cache.rb:83:in `call'
2014-03-22T12:19:27.996439+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/connection.rb:84:in `ca
tch'
2014-03-22T12:19:27.996456+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/railties-4.0.3/lib/rails/commands.rb:71:in
`tap'
2014-03-22T12:19:27.996441+00:00 app[web.2]:   vendor/bundle/ruby/1.9.1/gems/thin-1.6.2/lib/thin/connection.rb:84:in `pr
e_process'
2014-03-22T12:19:27.996460+00:00 app[web.2]:   bin/rails:4:in `<main>'

3 个答案:

答案 0 :(得分:0)

如果没有更多信息,很难确切知道,但这是我的猜测:检查你的缓存实现。

如果抛出错误的页面是正在缓存的页面,并且您的真实性标记已更改,则它们可能具有为其提交表单等缓存的旧的真实性标记,这显然与新标记不匹配。 / p>

这可以解释为什么它在本地工作正常(你可能没有缓存),以及为什么它不会每次都失败(如果不是每个页面都被缓存)。

(哦,无关的评论 - 请更新您的rails版本.4.0.3中有一些重要的安全修复程序)

答案 1 :(得分:0)

这似乎解决了这个问题,即使我不确定为什么......

protect_from_forgery with: :reset_session 

答案 2 :(得分:0)

我通过在 Cloudflare 上启用 Full SSL 解决了这个问题。