我试图从iPhone上传图像到我的工作轨道应用程序,使用载波进行处理。我是否需要考虑rails所需的CSRF真实性令牌?
我在我的Titanium app.js文件中有以下内容,大部分来自他们的Snapost示例代码:
xhr.open('POST','http://myapp.com/foos/1/bars');
xhr.send({media:originalImage});
我的rails动作很简单:
def create
@bar = @foo.bars.build(params[:bar])
@bar.image = params[:file]
respond_to do |format|
if @bar.save
format.html { redirect_to(@foo, :notice => 'Bar was successfully created.') }
format.json { render :json => @bar, :status => :created }
fotmat.xml { render :xml => @bar, :status => :created }
else
format.html { render :action => "new" }
format.json { render :json => @bar.errors, :status => :unprocessable_entity }
format.xml { render :xml => @bar.errors, :status => :unprocessable_entity }
end
end
end
从我的设备,我得到'xhr。onerror'警告,当我尝试上传时超时。我的服务器日志如下:
<>之前开始POST "/foos/1/bar "为 ###.###.#.在2011-05-01 17:01:33 -0500处理barscontroller#创建为MULTIPART_FORM参数:{"media"=# " ActionDispatch::Http::UploadedFile:0xabdd968 @original_filename="285050.jpg" @content_type="image/jpeg" @headers="Content-Disposition: form-data;name = "媒体";文件名= ";285050.jpg"rnContent-Type: image/jpegrn", @tempfile=# "文件:/tmp/RackMultipart20110501-32635-olgooh>>;" foo_id"=>"1"}^[[1m^[[] 36mSQL (1.9ms)^[[0m ^[[1mSHOW TABLES^[[0m .^[[1m] [[] 35mFoo加载(0.1ms)^[[0m)* FROM foos WHERE foos。id = 1 LIMIT^[[1m^[[36mSQL (2.6ms)^[[0m ^[[1mBEGIN^[[0m .^[[1m^[[] 35mSQL (5.9ms)^[[0m ROLLBACK在468毫秒内完成406,不可接受您是正确的,是真实性令牌(或缺乏)导致了问题。如何忽略Rails中特定操作的真实性令牌?有更多关于如何忽略它的细节。详见http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html