if you got this error while requesting the application via JSON request:
exception ActionController::InvalidAuthenticityToken
backtrace":"[\"/home/uadmin/.rvm/gems/ruby-2.1.7/gems/actionpack-4.2.4/lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'\",
\"/home/uadmin/.rvm/gems/ruby-2.1.7/gems/actionpack-4.2.4/lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'\",
...
modify your controller:
class ApplicationController < ActionController::Base
skip_before_filter :verify_authenticity_token, if: :json_request?
def json_request?
request.format.json?
end
end
@Al-un @maxivak Is it the proper way to go when you have Rails API controllers handling JSON requests from a ReactJs app? I mean, is it secure to remove the
verify_authenticity_token
since you are in an API app?