Rails应用程序的HTTPS-InvalidAuthenticityToken

Question

Rails应用程序的HTTPS-InvalidAuthenticityToken

Har*_*M V 4 ssl ruby-on-rails ruby-on-rails-5

我正在努力https为我的Rails应用程序工作。当我尝试在应用程序上进行任何与帖子相关的活动时，出现以下错误。

Exception `ActionController::InvalidAuthenticityToken' at /usr/local/rvm/gems/ruby-2.4.1/gems/actionpack-5.0.4/lib/action_controller/metal/request_forgery_protection.rb:195 - ActionCon
troller::InvalidAuthenticityToken
Exception `ActionController::InvalidAuthenticityToken' at /usr/local/rvm/gems/ruby-2.4.1/gems/actionpack-5.0.4/lib/action_controller/metal/rescue.rb:23 - ActionController::InvalidAuthe
nticityToken
Exception `ActionController::InvalidAuthenticityToken' at /usr/local/rvm/gems/ruby-2.4.1/gems/activesupport-5.0.4/lib/active_support/notifications/instrumenter.rb:25 - ActionController
::InvalidAuthenticityToken
Exception `ActionController::InvalidAuthenticityToken' at /usr/local/rvm/gems/ruby-2.4.1/gems/actionpack-5.0.4/lib/action_dispatch/middleware/callbacks.rb:42 - ActionController::Invali
dAuthenticityToken
Exception `ActionController::InvalidAuthenticityToken' at /usr/local/rvm/gems/ruby-2.4.1/gems/actionpack-5.0.4/lib/action_dispatch/middleware/debug_exceptions.rb:77 - ActionController:
:InvalidAuthenticityToken

Run Code Online (Sandbox Code Playgroud)

Answer 1

Tom*_*nda 5

尝试将其添加到您的config/environments/production.rb：

# config/environments/production.rb
Rails.application.configure do
  config.force_ssl = true
end

Run Code Online (Sandbox Code Playgroud)

如果您希望此方法在其他环境中生效，请将其也添加到适当的环境文件中。

太棒了，这个作品。还必须在 nginx 配置中添加 `proxy_set_header X-Forwarded-Proto $scheme;` :) (3认同)
请注意使用nginx **作为反向代理的注意事项：您需要在`/ sites-available / *`文件中添加`proxy_set_header X-Forwarded-Proto https;`行。请参阅[此答案。]（/sf/answers/1525576811/） (3认同)

归档时间：	8 年，1 月前
查看次数：	1195 次
最近记录：	8 年，1 月前