Rails 3 swf_upload InvalidAuthenticityToken 和发送 cookie 会话

发布于 2024-09-16 16:37:44 字数 1205 浏览 1 评论 0原文

我有一个 swfupload 在 Rails 3 上使用回形针（终于！）我在控制器中使用以下行关闭了 autehnticitytoken：

skip_before_filter :verify_authenticity_token, :only => :create

我知道正在尝试让会话正常工作（闪存不会发送此信息）当然，我用谷歌搜索了我的屁股，但到目前为止还没有运气。这就是我的看法（部分）

'<%= u session_key_name %>' : encodeURIComponent('<%= u cookies[session_key_name] %>'),
'authenticity_token' : '<%= form_authenticity_token %>',
'gallerie_id' : '<%= params[:gallery_id] %>'

所以我将会话密钥与发布数据一起发送。我必须用一些中间件代码“捕获”这些参数。

require 'rack/utils'

class FlashSessionCookieMiddleware
  def initialize(app, session_key = '_session_id')
    @app = app
    @session_key = session_key
  end

  def call(env)
    if env['HTTP_USER_AGENT'] =~ /^(Adobe|Shockwave) Flash/
      req = Rack::Request.new(env)
      env['HTTP_COOKIE'] = [ @session_key,
                             req.params[@session_key] ]
                           .join('=').freeze unless req.params[@session_key].nil?
      env['HTTP_ACCEPT'] = "#{req.params['_http_accept']}"
                           .freeze unless req.params['_http_accept'].nil?
    end
    @app.call(env)
  end
end

谁能帮助我！现在真的卡住了！

原文

I have a swfupload working with paperclip on rails 3 (finally!)
I turned off the autehnticitytoken with the following line in my controller:

skip_before_filter :verify_authenticity_token, :only => :create

I know am trying to get sessions working (flash doesn't send this)
Of course i googled my ass of but no luck so far.
this is what i have in my view (part of it)

'<%= u session_key_name %>' : encodeURIComponent('<%= u cookies[session_key_name] %>'),
'authenticity_token' : '<%= form_authenticity_token %>',
'gallerie_id' : '<%= params[:gallery_id] %>'

So i send the session key with the post data. I have to "catch" those params with some middleware code.

require 'rack/utils'

class FlashSessionCookieMiddleware
  def initialize(app, session_key = '_session_id')
    @app = app
    @session_key = session_key
  end

  def call(env)
    if env['HTTP_USER_AGENT'] =~ /^(Adobe|Shockwave) Flash/
      req = Rack::Request.new(env)
      env['HTTP_COOKIE'] = [ @session_key,
                             req.params[@session_key] ]
                           .join('=').freeze unless req.params[@session_key].nil?
      env['HTTP_ACCEPT'] = "#{req.params['_http_accept']}"
                           .freeze unless req.params['_http_accept'].nil?
    end
    @app.call(env)
  end
end

can anybody help me! really stuck now!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

勿挽旧人 2024-09-23 16:37:44

这可能是因为“session_key”更改为“key”。以下是对我有用的更新。

require 'rack/utils'
class FlashSessionCookieMiddleware
  def initialize(app, key = '_MYAPP_session')
    @app = app
    @key = (key || '_MYAPP_session')
  end

  def call(env)
    if env['HTTP_USER_AGENT'] =~ /^(Adobe|Shockwave) Flash/
      params = ::Rack::Utils.parse_query(env['QUERY_STRING'])
      unless params[@key].nil?
        env['HTTP_COOKIE'] = "#{@key}=#{params[@key]}".freeze
        # puts "env['HTTP_COOKIE'] #{env['HTTP_COOKIE'].inspect}"
      end
    end
    @app.call(env)
  end
end

另外，在设置 javascript 变量时，您需要检查以确保您的 javascript 在 ActionController::Base.session_options[:key] 中使用的是“key”而不是“session_key”。

It's probably because "session_key" changed to just "key". Below is this update that works for me.

require 'rack/utils'
class FlashSessionCookieMiddleware
  def initialize(app, key = '_MYAPP_session')
    @app = app
    @key = (key || '_MYAPP_session')
  end

  def call(env)
    if env['HTTP_USER_AGENT'] =~ /^(Adobe|Shockwave) Flash/
      params = ::Rack::Utils.parse_query(env['QUERY_STRING'])
      unless params[@key].nil?
        env['HTTP_COOKIE'] = "#{@key}=#{params[@key]}".freeze
        # puts "env['HTTP_COOKIE'] #{env['HTTP_COOKIE'].inspect}"
      end
    end
    @app.call(env)
  end
end

Also, you'll want to check to make sure your javascript is using the "key" instead of "session_key" for ActionController::Base.session_options[:key] when setting your javascript variable.

回复收藏 0 原文

~没有更多了~