Commenting out protect_from_forgery
Posted
by Andy
on Stack Overflow
See other posts from Stack Overflow
or by Andy
Published on 2010-06-01T00:06:57Z
Indexed on
2010/06/01
0:13 UTC
Read the original article
Hit count: 247
Hi,
I was trying to use active record store but I kept getting an invalid authenticity token. Someone told me to remove my protect_from_forgery from application controller. I know that this would remove all auth tokens but I'm not sure if this is a good idea. Does active record store not need auth tokens?
By the way, all I need is a way to dynamically calculate the number of users online and their session variables. If there is a better way than using active record store it would be nice to know.
© Stack Overflow or respective owner