Posted by Michael Hendrickx
on December 14, 2010
misc /
1 Comment
After three years of using a series of BlackBerries (work and personal), I went to the dark side and got myself an Android phone.
It took a bit of getting used to (and necessary nagging from my end), but here are some of the reasons why I love it, and some reasons why I miss my BlackBerry:
Tags: android, blackberry, phone
Posted by Michael Hendrickx
on December 07, 2010
code,
rails /
2 Comments
In Ruby on Rails, authenticity tokens are generated to prevent CSRF (Cross-Site Request Forgery) attacks. Each token acts as a unique “identifier” that prevents other websites from making requests on your behalf, so-called “session riding”.
To make this identifier available to your scripts, put <%= csrf_meta_tag %> in your view, usually in app/views/layouts/application.html.erb. This tag creates something like:
<meta name="csrf-param" content="authenticity_token"/>
<meta name="csrf-token" content="uDDuQj14CCJ…">
If you create your own AJAX functions, say with jQuery, you need to send these values along so that Rails accepts your request. Read the token from the meta tag like this:
var param = $('meta[name="csrf-token"]').attr('content');
You can then use it in your AJAX requests:
// Send the token as the authenticity_token parameter alongside the form data.
$.post('/post', { body: $('#post_body').val(), authenticity_token: param }, function(data) {
  var ret = jQuery.parseJSON(data);
  if (ret.status == "ok") {
    // …
  }
});
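The token is a secret tied to the user's session, so it should only travel with state-changing requests to your own origin. The following is an added example, not code from the original post: the helper names `readCsrfMeta` and `withCsrf` and the sample values are assumptions, and the parameter name is read from the `csrf-param` meta tag instead of being hard-coded.

```javascript
// Added example (not from the original post). Helper names and the
// constructed sample values are assumptions for illustration.

// Read both meta tags emitted by csrf_meta_tag from a document-like object.
function readCsrfMeta(doc) {
  const content = (name) => {
    const el = doc.querySelector('meta[name="' + name + '"]');
    return el ? el.getAttribute('content') : null;
  };
  return { param: content('csrf-param'), token: content('csrf-token') };
}

// Return a copy of `data` with the token added only when the request is
// state-changing AND resolves to the same origin as the current page.
// Anything else (GET, another host, missing meta tags) gets no token,
// so the secret never ends up in query strings or on a third-party server.
function withCsrf(method, url, data, csrf, pageUrl) {
  const safeMethod = /^(GET|HEAD|OPTIONS)$/i.test(method);
  const sameOrigin = new URL(url, pageUrl).origin === new URL(pageUrl).origin;
  const out = Object.assign({}, data);
  if (!safeMethod && sameOrigin && csrf.param && csrf.token) {
    out[csrf.param] = csrf.token;
  }
  return out;
}

// Constructed stand-in for `document`, so the example also runs outside a browser.
const sampleDoc = {
  querySelector(selector) {
    const metas = {
      'meta[name="csrf-param"]': 'authenticity_token',
      'meta[name="csrf-token"]': 'CONSTRUCTED-SAMPLE-TOKEN'
    };
    return selector in metas ? { getAttribute: () => metas[selector] } : null;
  }
};
const sampleCsrf = readCsrfMeta(sampleDoc);
console.log(withCsrf('POST', '/post', { body: 'hello' }, sampleCsrf, 'https://app.example/posts/new'));
console.log(withCsrf('POST', 'https://other.example/post', { body: 'hello' }, sampleCsrf, 'https://app.example/posts/new'));

// In a browser with jQuery loaded:
//   var csrf = readCsrfMeta(document);
//   $.post('/post', withCsrf('POST', '/post', { body: $('#post_body').val() }, csrf, location.href), callback);
```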
Tags: jquery, rails, ruby on rails