SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member
    Join Date
    Jul 2008
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Trouble switching off forgery protection

    In Simply Rails 2, page 417, running Rails headless is demonstrated. In the example forgery protection is turned off to allow logging in from the console by issuing the following command:

    ApplicationController.allow_forgery_protection = false

    When I try this I get an error that ApplicationController is an uninitialized constant.

    The Shovell app works fine from the browser and all the tests pass.

    Can someone tell me what is going wrong here?

    Below is my console session leading up to the error.
    Code:
    Loading development environment (Rails 2.1.0)
    >> app.get '/'
    => 200
    >> app.assigns(:stories).size
    => 5
    >> app.get '/stories/new'
    => 302
    >> app.response.redirect_url
    => "link removed to allow posting to forum"     
    >> app.follow_redirect!
    => 200
    >> ApplicationController.allow_forgery_protection = false
    NameError: uninitialized constant ApplicationController
    	from /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/dependencies.rb:278:in `load_missing_constant'
    	from /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/dependencies.rb:467:in `const_missing'
    	from /Library/Ruby/Gems/1.8/gems/activesupport-2.1.0/lib/active_support/dependencies.rb:479:in `const_missing'
    	from (irb):7
    	from :0
    >>

  2. #2
    SitePoint Member
    Join Date
    Jul 2008
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I used the reload! command and tried turning off the forgery protection and it worked. In the end however, I got a 422 after login instead of a 302, and the app.follow_redirect! command failed.

    It looked like this:


    >> reload!
    => true
    >> ApplicationController.allow_forgery_protection = false
    => false
    >> app.get '/stories/new'
    => 302
    >> app.response.redirect_url
    => " url excerpted for posting to forum "
    >> app.follow_redirect!
    => 200
    >> app.post '/session', :login => 'patrick', : password => 'sekrit' (the : in front of "password" is deliberately spaced so as not to produce a green smiley.)
    => 422
    >> app.follow_redirect!
    RuntimeError: not a redirect! 422 Unprocessable
    from C:/InstantRails/ruby/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib
    /action_controller/integration.rb:123:in 'follow_redirect!' from (irb):29


    If I reload! and follow the steps in the recommended order, it does not allow me to switch off the forgery protection.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •