设计+ Omniauth [警告：无法验证 CSRF 令牌的真实性]

发布于 2024-12-04 05:54:47 字数 727 浏览 4 评论 0原文

收到此警告

WARNING: Can't verify CSRF token authenticity

我在回调操作运行之前立即

Started GET "/users/auth/open_id?openid_url=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid" for 98.xxx.xx.xx at 2011-09-12 16:26:02 -0400
Started GET "/users/auth/open_id/callback?openid_url=https%3A%2%2Fwww.google.com%2Faccounts ... etc ... etc
Processing by Users::OmniauthCallbacksController#open_id as HTML
Parameters: {"openid_url"=>"https://www.google.com/accounts/o8/id"}
WARNING: Can't verify CSRF token authenticity
Entering Users::OmniauthCallbacksController, omniauth_login

，即直接来自浏览器的请求没有警告。我使用的是 Rails 3.1、devise 1.4.5、omniauth 0.2.6。

关于如何解决这个问题的想法？

谢谢！

原文

I am getting this warning

WARNING: Can't verify CSRF token authenticity

immediately before my callback action runs, i.e.

Started GET "/users/auth/open_id?openid_url=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid" for 98.xxx.xx.xx at 2011-09-12 16:26:02 -0400
Started GET "/users/auth/open_id/callback?openid_url=https%3A%2%2Fwww.google.com%2Faccounts ... etc ... etc
Processing by Users::OmniauthCallbacksController#open_id as HTML
Parameters: {"openid_url"=>"https://www.google.com/accounts/o8/id"}
WARNING: Can't verify CSRF token authenticity
Entering Users::OmniauthCallbacksController, omniauth_login

There is no warning for requests coming directly from the browser. I am using rails 3.1, devise 1.4.5, omniauth 0.2.6.

Ideas on how to address this?

Thanks!

分享到QQ

分享到微博