This project is archived and is in readonly mode.

#242 ✓invalid
Tiago Macedo

Fixing form_authenticity_token in the test environment

Reported by Tiago Macedo | May 23rd, 2008 @ 04:32 PM

In trunk (and 2.0x) using form_authenticity_token in a template will result in an error because protect_from_forgery is disabled.

In the rare ocasion of having to manually build a form and add the token tests will raise an exception. This patch (which includes a test) fixes it.

The problem is also described here:

http://groups.google.com/group/r...

The "fix" is merely outputting a blank string instead of the token if protect_from_forgery is disabled and form_authencity_token is invoked.

Comments and changes to this ticket

  • Pratik

    Pratik May 23rd, 2008 @ 04:35 PM

    • Title changed from “[PATCH] Fixing form_authenticity_token in the test environment” to “Fixing form_authenticity_token in the test environment”
  • Pratik

    Pratik May 29th, 2008 @ 10:50 AM

    • State changed from “new” to “invalid”

    This patch feels like a hack. You should just be using mocking/stubbing for such cases.

    Thanks.

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>

People watching this ticket

Attachments

Pages