Commenting out protect_from_forgery

Posted by Andy on Stack Overflow See other posts from Stack Overflow or by Andy
Published on 2010-06-01T00:06:57Z Indexed on 2010/06/01 0:13 UTC
Read the original article Hit count: 244

Hi,

I was trying to use active record store but I kept getting an invalid authenticity token. Someone told me to remove my protect_from_forgery from application controller. I know that this would remove all auth tokens but I'm not sure if this is a good idea. Does active record store not need auth tokens?

By the way, all I need is a way to dynamically calculate the number of users online and their session variables. If there is a better way than using active record store it would be nice to know.

© Stack Overflow or respective owner

Related posts about ruby

Related posts about activerecord