Ruby-on-rails 如何忽略 Rails 中特定操作的真实性令牌?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1177863/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I ignore the authenticity token for specific actions in Rails?
提问by edebill
When I have a specific action that I don't want to check the authenticity token on, how do I tell Rails to skip checking it?
当我有一个不想检查真实性令牌的特定操作时,我如何告诉 Rails 跳过检查它?
回答by edebill
In Rails 4:
在 Rails 4 中:
skip_before_action :verify_authenticity_token, except: [:create, :update, :destroy]
And Rails 3:
和 Rails 3:
skip_before_filter :verify_authenticity_token
For previous versions:
对于以前的版本:
For individual actions, you can do:
对于单个操作,您可以执行以下操作:
protect_from_forgery :only => [:update, :destroy, :create]
#or
protect_from_forgery :except => [:update, :destroy, :create]
For an entire controller, you can do:
对于整个控制器,您可以执行以下操作:
skip_before_action :verify_authenticity_token
回答by Epigene
In Rails4you use skip_before_actionwith exceptor only.
在Rails4您使用skip_before_action与except或only。
class UsersController < ApplicationController
skip_before_action :verify_authenticity_token, only: [:create]
skip_before_action :some_custom_action, except: [:new]
def new
# code
end
def create
# code
end
protected
def some_custom_action
# code
end
end
