I have a wierd website setup, because my boss doesn't want to change who hosts our email server.
My website is hosted on site5, and has a domain name registered with them (www.mysite1.com). www.mysite2.net is registered somewhere else and resolves to www.mysite1.com.
When I try to login to www.mysite1.com I have no problems. When I try to login to www.mysite2.net, I get an error from the verify_authenticity_token method.
I'm pretty sure I'm getting this because the session isn't being loaded from the request, becuase I need to set some configuration in config.action_controller.session = { in my environment.rb file.
I use :active_record_store
I've tried digging around in the abstract_store.rb file to see if I could just hardcode something into the load! method so that it would make sure to load authenticity_token from the request into the session.
def load! stale_session_check! do id, session = @by.send(:load_session, @env) (@env[ENV_SESSION_OPTIONS_KEY] ||= {})[:id] = id replace(session) @loaded = true end end
Any suggestions would be great.