Rails: How to add an exception for an external server to request via post/put for activated protection from forgery?


Rails: How to add an exception for an external server to request via post/put for activated protection from forgery?



How can I allow a specific server/url to send for example a post request if I have activated protect_from_forgery in a Ruby on Rails application? Usually it is a desired behaviour that a Rails application blocks requests from other servers and so I also want to keep this functionality and I do not want to switch protect_from_forgery off. But I want to send a post request from an external application to my Rails application and so I would like to allow this specific application to send post requests. So I would need to either create an authenticity token that my application accepts in the remote application or I would need to add an exception for that specific remote server/url. Is that possible and if yes - how?




Strip Inline CSS and JavaScript in Rails

1:



Rails has_many with alias name
skip_before_filter :verify_authenticity_token, :only => :action_name 
and then have some other verification (HMAC, whatever) that you check in your application..
Ruby on Rails modules, code sharing, and community


Rails routing and URI fragment identifier


79 out of 100 based on 89 user ratings 439 reviews