rails中sessions的存储

chaosklg

UID: 42323
帖子: 32
积分: 73
在线时间: 1 小时

1^# chaosklg 发表于 2008-07-29 15:50

rails中sessions的存储

在environment.rb中配置config.action_controller.session_store = :active_record_store后重启服务器提示以下错误：

Showing store/index.html.erb where line #8 raised:

No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store).

Extracted source (around line #8):

5: <h3><%= h(product.title) %></h3>
6: <%= product.description %><br/>
7: <span class="price" ><%= number_to_currency(product.price) %></span>
8: <%= button_to "Add to Cart",:action=>:add_to_cart,:id=> product %>
9: </div>
10: <% end %>

RAILS_ROOT: D:/php?name=Project" onclick="tagshow(event)" class="t_tag">Project/depot

Application Trace | Framework Trace | Full Trace
D:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/request_forgery_protection.rb:115:in `form_authenticity_token'
(eval):2:in `send'
(eval):2:in `form_authenticity_token'
app/views/store/index.html.erb:8:in `_run_erb_47app47views47store47index46html46erb'
app/views/store/index.html.erb:2:in `each'
app/views/store/index.html.erb:2:in `_run_erb_47app47views47store47index46html46erb'

请教

黑马

UID: 1985
帖子: 102
积分: 234
在线时间: 14 小时

2^# 黑马发表于 2008-07-31 10:30

protect_from_forgery 2.0后的rails中提供了这个东西以供保护form,你要在config中打开这功能,并在application中设置密钥
No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store
翻译一下就知道了.

andyss

UID: 43400
帖子: 190
积分: 436
在线时间: 2 天 1 小时

3^# andyss 发表于 2008-08-02 18:11

把ApplicationController那句
protect_from_forgery ＃:secret => 'xxxxxxxxxxx‘
改为
protect_from_forgery :secret => 'xxxxxxxxxxx‘
试试