第一种:
Ror代码
class FooController < ApplicationController
protect_from_forgery :except => :index
# you can disable csrf protection on controller-by-controller basis:
skip_before_filter :verify_authenticity_token
end
class FooController < ApplicationController protect_from_forgery :except => :index # you can disable csrf protection on controller-by-controller basis: skip_before_filter :verify_authenticity_token end
第二种:
修改配置文件config\environments\development.rb
Ror代码
# Disable request forgery protection in development environment
config.action_controller.allow_forgery_protection = false
然后重启服务器
第三种:
在jquery或form中加入
Ruby代码
<%= tag(:input, :type => "hidden", :name =>
request_forgery_protection_token.to_s, :value =>
form_authenticity_token) %>