This https://github.com/rails/rails/commit/84ca8c8cd07d700598e87b418370268f146b122c
was merged an rc2 is coming soon.
On Wed, Mar 28, 2012 at 12:13 PM, JGW Maxwell <jgwmaxwell@gmail.com> wrote:
> That seems like it breaks any kind of progressive AJAX enhancement, since a
> remote submit form, submitted normally, will now fail CSRF protection.
>
>
> On Wednesday, 28 March 2012 04:25:14 UTC+1, bill walton wrote:
>>
>> Hi Santiago,
>>
>> On Tue, Mar 27, 2012 at 12:16 PM, Santiago Pastorino
>> <REMOVED> wrote:
>> > Rails 3.2.3.rc1 has been released.
>> <snip>
>> > *ActionPack*
>> >
>> > * Do not include the authenticity token in forms where remote: true
>> > as ajax forms use the meta-tag value *DHH*
>>
>> Could you please point me to more on this?
>>
>> Thanks,
>> Bill
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Talk" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/rubyonrails-talk/-/L7iE5xkW0dMJ.
>
> To post to this group, send email to rubyonrails-talk@googlegroups.com.
> To unsubscribe from this group, send email to
> rubyonrails-talk+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/rubyonrails-talk?hl=en.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
No comments:
Post a Comment