On Tue, Oct 14, 2008 at 11:25 AM, Frederick Cheung <[EMAIL PROTECTED]> wrote: > > > On 14 Oct 2008, at 16:13, Anjan Tek wrote: > >> >> I don't understand what you want me to do exactly. Isn't the >> authenticity token being sent from the HTML to Flex in the first >> place? >> That same value is coming back from flex as a POST variable, right? >> >> So how would they differ? >> >> Do you want me to put a text field in the HTML and put the >> authenticity >> token into it and check if the POST value matches it? >> > > One avenue to explore is that the authenticity token is based on the > session (either a value in it, or the session etc...) if the flex > stuff doesn't use rails' session cookie then you would get an invalid > authenticity token error. > > Fred >
What Fred said. Open up the HTML source in your browser and find the authenticity token. Now open up the web server logs (log/development.log most likely). Now do the post from Flex. Compare the two values. They're probably different for you and that's what's throwing the error. The difference is because the auth token is built from the session id, and if your session stuff is messed up somehow, Rails will find a discrepency and error out. Jason --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
