Create Rails Authentication Token with iFrame or Facebook

Question

Create Rails Authentication Token with iFrame or Facebook

Rails CSRF authentication token is known to not work inside iframe or Facebook canvas. Iframe Reasons Cannot Authenticate CSRF n Rails Authentication

The recommended solution turns it off. However, I am getting bots automatically submitting our nested form. I would like to have some sort of CSRF protection without having to resort to captcha.

Is there anyway to get the rails token to work inside or iframe or is there a better solution out there? Thanks to

+3

ruby-on-rails ruby-on-rails-4 csrf csrf-protection facebook-canvas

Charles zhang Jul 24 15 at 18:15

source to share

No one has answered this question yet

See similar questions:

2

Iframe reasons Cannot authenticate CSRF n Rails authentication

or similar:

941

Understanding Rails Authentication ID

552

What is CSRF token? What is its meaning and how does it work?

213

Why put CSRF tokens in cookies so often?

209

WARNING. Unable to verify the authentication rails of the CSRF token.

186

Rails 4 Authenticity

164

Django CSRF error with POJ Ajax request

29

Rails 4 skips protection_from_forgery for API actions

6

How to handle pages with deprecated CSRF authentication tokens in Rails

1

CSRF session_store token with ember-simple-auth along with Devise

0

Rails deployment leading to "Unable to validate CSRF token" spikes

Create Rails Authentication Token with iFrame or Facebook

More articles: