ruby - WARNING: Can't verify CSRF token authenticity in case of API development

Question

Welcome To Ask or Share your Answers For Others

ruby - WARNING: Can't verify CSRF token authenticity in case of API development

posted Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

ruby - WARNING: Can't verify CSRF token authenticity in case of API development

I am right now developing web APIs with Ruby on Rails. When the Rails app receives POST request without any csrf token, the following error message shall happen. Because the app has no views.

WARNING: Can't verify CSRF token authenticity

So my question is how can I escape csrf token check safely in this case?

Thank you very much in advance.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-23T17:44:45+0000

You can do this by adding

skip_before_filter  :verify_authenticity_token

to your controller. This way all incoming requests to the controller skips the :verify_authenticity_token filter.

Categories

ruby - WARNING: Can't verify CSRF token authenticity in case of API development

ruby - WARNING: Can't verify CSRF token authenticity in case of API development

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags