Guys, I'm using some AJAX on my application, but when protect_from_forgery is on sometimes it works and sometimes the user session is killed. Today i found out why.
It happens the following: The authenticity_token is sent correctly as you can see below, Started DELETE "/clients/118/files/20?authenticity_token=hoMH9/heaFWXWWy+aE1xKQcpf4xrLoVWGqkq0pzzwuo=" for 127.0.0.1 at Wed Apr 27 23:06:50 -0300 2011 but, next line on server is, Processing by ClippingsController#destroy as JS Parameters: {"authenticity_token"=>"hoMH9/heaFWXWWy aE1xKQcpf4xrLoVWGqkq0pzzwuo=", "id"=>"20,", "client_id"=>"118"} as you can see, the plus sign ('+') turned into a white space. Once the token doesn't match the user session is killed. Is someone experiencing this ? Any help how to fix it ? Thanks, Ernesto -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.