Invalid AuthenticityToken everywhere

Posted by bwizzy on Stack Overflow See other posts from Stack Overflow or by bwizzy
Published on 2010-04-07T13:57:34Z Indexed on 2010/04/07 15:33 UTC
Read the original article Hit count: 336

Filed under:
|
|
|

I have a rails app that I just deployed which is generating Invalid AuthenticityToken errors anywhere a form is submitted. The app uses subdomains as account names and will also eventually allow for a custom domain to be entered. I have an entry in production.rb to allow for cross-domain session handling.

The problem is that you can't login / or submit any form because everything raises an Invalid AuthenticityToken error. The issue looks similar but not the same as http://stackoverflow.com/questions/1201901/rails-invalid-authenticity-token-after-deploy plus I'm not using mongrel. I've tried clearing cookies in the browser, and restarting passenger but no luck.

Anyone have any ideas?

The server is running nginx + passenger 2.3.11, and Rails 2.3.5.

#production.rb
config.action_controller.session[:domain] = '.domain.com'


#environment.rb
config.action_controller.session = {
   :session_key => '_app_session',
   :secret      => '.... nums and chars .....'
 }

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Related posts about passenger