Devise + Omniauth [警告:无法验证CSRF令牌真实性]

时间:2011-09-12 20:45:50

标签: ruby-on-rails devise csrf omniauth

我收到了这个警告

WARNING: Can't verify CSRF token authenticity

在我的回调行动开始之前,即

Started GET "/users/auth/open_id?openid_url=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid" for 98.xxx.xx.xx at 2011-09-12 16:26:02 -0400
Started GET "/users/auth/open_id/callback?openid_url=https%3A%2%2Fwww.google.com%2Faccounts ... etc ... etc
Processing by Users::OmniauthCallbacksController#open_id as HTML
Parameters: {"openid_url"=>"https://www.google.com/accounts/o8/id"}
WARNING: Can't verify CSRF token authenticity
Entering Users::OmniauthCallbacksController, omniauth_login

直接来自浏览器的请求没有警告。我使用rails 3.1,设计1.4.5,omniauth 0.2.6。

关于如何解决这个问题的想法?

谢谢!

1 个答案:

答案 0 :(得分:-3)

关闭protect_from_forgery为我工作。