使用ajax 422从JS到控制器的rails 4无法处理的实体无法验证CSRF令牌的真实性

时间:2014-05-15 15:48:30

标签: javascript ruby-on-rails ajax post ruby-on-rails-4

我的show.html.erb页面中有一个数组,想要使用Ajax请求将它从javascript传递给Controller中的方法,但是它给了我错误HTTP/1.1 422 Unprocessable Entity并且我不知道在哪里搜索

这是我的JS代码:

function create_ajax_request (url, data, callback) {
  var xhr = new XMLHttpRequest();
  xhr.open('PUT', url, true);
  xhr.setRequestHeader('Content-Type', 'application/json');
  xhr.setRequestHeader('Accept', 'application/json'); // I want JSON 
  xhr.responseType = "json";
  xhr.addEventListener('load', function() {
    xhr.responseJSON =  xhr.response;
    console.log(xhr.responseJSON);
    callback(xhr.responseJSON,  xhr);
   });
  xhr.send( JSON.stringify(data) );
  return xhr;
}

function submit()
{
  var SelectedValue = [];
  var name = 0;
  var radios = document.getElementsByTagName("input");
  for(var i=0; i<radios.length; i++) {
    if(radios[i].checked)
  {
  var valueSelected = radios[i].value;
  window.alert(valueSelected);
  SelectedValue.push("valueSelected")
  }
}
  var url = ['http://' + location.host, 'new_surveys', 'submit'].join('/');
  var callback = function(responseJSON, xhr) {
}
   create_ajax_request(url, {arrays: SelectedValue}, callback);
}

这是我的控制器,当我搜索时我发现问题应该在我添加这一行时解决:skip_before_filter:verify_authenticity_token,only:[:submit]但没什么新的:/ 

class NewSurveysController < ApplicationController
  before_action :set_new_survey, only: [:show, :edit, :update, :destroy, :submit]
  skip_before_filter :verify_authenticity_token, only: [:submit]

# GET /new_surveys
# GET /new_surveys.json
def index
  @new_surveys = NewSurvey.all
end

def submit
  data = params[:arrays]
  some code ..
end

日志

 Started PUT "/new_surveys/submit" for 127.0.0.1 at 2014-05-15 19:26:12 +0200
Processing by NewSurveysController#update as JSON
Parameters: {"arrays"=>["valueSelected"], "id"=>"submit", "new_survey"=>{}}
Can't verify CSRF token authenticity
Completed 422 Unprocessable Entity in 15ms

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
actionpack (4.0.4) lib/action_controller/metal/request_forgery_protection.rb:166:in `handle_unverified_request'
actionpack (4.0.4) lib/action_controller/metal/request_forgery_protection.rb:173:in `handle_unverified_request'
devise (3.2.4) lib/devise/controllers/helpers.rb:182:in `handle_unverified_request'

0 个答案:

没有答案
相关问题
最新问题