Hello,
I've just upgraded by app to Rails 2.1 and my log started to be filled with ActionController::InvalidAuthenticityToken exceptions.
I have an application with external XML Restful access. It seems each time a request comes from a search engine crawler (that doesn't support sessions or cookies), Rails 2.1 raises an error even if the documentation says:
Only HTML/JavaScript requests are checked, so this will not protect your XML API (presumably you'll have a different authentication scheme there anyway).
Any suggestion?
Here's the latest part of the backtrace.
"ActionController::InvalidAuthenticityToken" /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ request_forgery_protection.rb:86:in `verify_authenticity_token' /usr/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/active_support/ callbacks.rb:173:in `send' /usr/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/active_support/ callbacks.rb:173:in `evaluate_method' /usr/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/active_support/ callbacks.rb:161:in `call' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ filters.rb:430:in `call' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ filters.rb:592:in `run_before_filters' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ filters.rb:578:in `call_filters' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ filters.rb:573:in `perform_action_without_benchmark' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ benchmarking.rb:68:in `perform_action_without_rescue' /usr/lib/ruby/1.8/benchmark.rb:293:in `measure' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ benchmarking.rb:68:in `perform_action_without_rescue' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ rescue.rb:201:in `perform_action_without_caching' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ caching/sql_cache.rb:13:in `perform_action' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ connection_adapters/abstract/query_cache.rb:33:in `cache' /usr/lib/ruby/gems/1.8/gems/activerecord-2.1.0/lib/active_record/ query_cache.rb:8:in `cache' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ caching/sql_cache.rb:12:in `perform_action' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ base.rb:529:in `send' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ base.rb:529:in `process_without_filters' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ filters.rb:569:in `process_without_session_management_support' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ session_management.rb:130:in `process' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ base.rb:389:in `process' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:149:in `handle_request' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:107:in `dispatch' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:104:in `synchronize' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:104:in `dispatch' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:120:in `dispatch_cgi' /usr/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/ dispatcher.rb:35:in `dispatch'