I have a Wordpress site that embeds some elements of a Ruby on Rails site (which is our Members Area and is located on a subdomain). The elements include a login form. When people use it, Rails returns an error due to invalid CSRF token. Do I have to disable CSRF for the login action? What are my options? If the answer is to disable it, then is there a painless way to do so for Devise?
CSRF issue on embedded form
223 Views Asked by Sprachprofi At
1
There are 1 best solutions below
Related Questions in RUBY-ON-RAILS
- .htaccess redirect 403 error files to 404 error document
- RestApi server code is not workinng
- Convert Apache VirtualHost to nginx Server Block for Dynamic Subdomains
- Looking the Method that MANUALLY INSTALL PHP on OSX Yosemite
- Premature end of script on VPS
- Rasterization with Javascript looks different on Apache server
- Vagrant - Ansible error installing Apache
- Can't use subdomain in Chrome using Apache (XAMPP)
- Django webapp (on an Apache2 server) hangs indefintely when importing nltk in views.py
- Redirect keystone app to sub directory using htaccess
Related Questions in CSRF
- .htaccess redirect 403 error files to 404 error document
- RestApi server code is not workinng
- Convert Apache VirtualHost to nginx Server Block for Dynamic Subdomains
- Looking the Method that MANUALLY INSTALL PHP on OSX Yosemite
- Premature end of script on VPS
- Rasterization with Javascript looks different on Apache server
- Vagrant - Ansible error installing Apache
- Can't use subdomain in Chrome using Apache (XAMPP)
- Django webapp (on an Apache2 server) hangs indefintely when importing nltk in views.py
- Redirect keystone app to sub directory using htaccess
Related Questions in PROTECT-FROM-FORGERY
- .htaccess redirect 403 error files to 404 error document
- RestApi server code is not workinng
- Convert Apache VirtualHost to nginx Server Block for Dynamic Subdomains
- Looking the Method that MANUALLY INSTALL PHP on OSX Yosemite
- Premature end of script on VPS
- Rasterization with Javascript looks different on Apache server
- Vagrant - Ansible error installing Apache
- Can't use subdomain in Chrome using Apache (XAMPP)
- Django webapp (on an Apache2 server) hangs indefintely when importing nltk in views.py
- Redirect keystone app to sub directory using htaccess
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Do not disable the CSRF token for security purposes. Instead, look through the code and identify where the CSRF token is originating from, usually the DB, and then you can create a variable with that token value and echo it into an field within the form in question with the specific CSRF token parameter that PHP is expecting.