Ruby on rails 轨道&x2B;爱奥尼亚:从爱奥尼亚到rails后端的输入=Can';t验证CSRF令牌真实性400错误请求
我有一个应用程序在爱奥尼亚和rails。其想法是将rails作为后端,将ionic作为接口。我在这个项目中使用jsonapi_资源gem。该请求在postman中运行良好,但是它给了我cors飞行前错误。所以我用rack cors gem解决了这个问题。现在请求确实通过了rails应用程序,现在只是我一直收到这个csrf错误 应用程序\u controller.rbRuby on rails 轨道&x2B;爱奥尼亚:从爱奥尼亚到rails后端的输入=Can';t验证CSRF令牌真实性400错误请求,ruby-on-rails,angularjs,ionic-framework,Ruby On Rails,Angularjs,Ionic Framework,我有一个应用程序在爱奥尼亚和rails。其想法是将rails作为后端,将ionic作为接口。我在这个项目中使用jsonapi_资源gem。该请求在postman中运行良好,但是它给了我cors飞行前错误。所以我用rack cors gem解决了这个问题。现在请求确实通过了rails应用程序,现在只是我一直收到这个csrf错误 应用程序\u controller.rb class ApplicationController < JSONAPI::ResourceController #
class ApplicationController < JSONAPI::ResourceController
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :null_session
before_filter :allow_ajax_request_from_other_domains
after_filter :set_csrf_cookie_for_ng
def allow_ajax_request_from_other_domains
headers['Access-Control-Allow-Origin'] = 'http://localhost:8100/'
headers['Access-Control-Request-Method'] = '*'
headers['Access-Control-Allow-Headers'] = '*'
headers['Access-Control-Allow-Methods'] = 'GET, POST, PATCH, PUT, DELETE, OPTIONS, HEAD'
end
def set_csrf_cookie_for_ng
cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
end
protected
# In Rails 4.2 and above
def verified_request?
super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
end
# In Rails 4.1 and below
def verified_request?
super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
end
end
我捕获输入并发布到rails应用程序的部分:
$scope.item = {};
$scope.post = function(item){
$http({
method: 'POST',
url: 'http://localhost:3000/tests',
data: {"type":"tests", "attributes":{"names":"test from the other side"}},
headers: {'Content-Type': 'application/vnd.api+json', 'Accept': 'application/vnd.api+json' }
})
console.log(item)
}
route.rb
Rails.application.routes.draw do
# The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes".
jsonapi_resources :tests
# You can have the root of your site routed with "root"
root 'welcome#index'
end
我试着寻找答案,但我不断地得到这个错误
Rails.application.routes.draw do
# The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes".
jsonapi_resources :tests
# You can have the root of your site routed with "root"
root 'welcome#index'
end