Hello, I’m just starting out with Rails. I’ve been using Ruby Mine and it’s been working well. I can run my server, connect to it, sign in, and upload photos. I’ve uploaded all the project files to GitHub. I tried running the project on GitHub Codespaces but I haven’t been successful. I can access the enpoint /users/sign_in alright but when I try to sign in or sign up I get some errors on the terminal. I’m using Devise. These are some of the errors that are printer onto the server terminal: Started GET “/users/sign_up” for 10.240.2.146 at 2023-10-26 23:49:12 +0000 Cannot render console from 10.240.2.146! Allowed networks: 10.240.0.10, 127.0.0.0/127.255.255.255, ::1

HTTP Origin header (https://localhost:3000) didn’t match request.base_url (https://cautious-space-acorn-x5jx45946ggfr6j-3000.app.github.dev) Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms | Allocations: 868) ActionController::InvalidAuthenticityToken (HTTP Origin header (https://localhost:3000) didn’t match request.base_url (https://cautious-space-acorn-x5jx45946ggfr6j-3000.app.github.dev)):

I’ve beein trying to fix it for a couple of days using bing Ai but didn’t get anywhere. I’ve added this code inside of /config/environments/development.rb: require “active_support/core_ext/integer/time” Rails.application.configure do config.hosts << “cautious-space-acorn-x5jx45946ggfr6j-3000.app.github.dev” config.web_console.whitelisted_ips = ‘10.240.0.10’

This is my user model: class User < ApplicationRecord

Include default devise modules. Others available are:

:confirmable, :lockable, :timeoutable, :trackable and :omniauthable

devise :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable has_many :photos has_many :comments end

This is my GitHub repo if it is important: GitHub - patrickfeeney03/PhotoApp: Rails app that allows users to publish photos online.

I may be missing so much info from this, if I am please ask for it. I’m just starting out. Thanks in advance, Cheers, Patrick.

Hi Patrik. I had the same issue in Codespaces. I make a little turnaround.

In the Controller, let’s say Post at the beginning I put:

if Rails.env.development? skip_before_action :verify_authenticity_token end

That skip the Token Authenticity in development but it doesn’t affect your app in production. Hope it helps you or another developer

@antoniolulee skipping :verify_authenticity_token resolves the issue, but it again a security issue right?, how we can verify the authenticity of a request in development mode?

I don’t think is a security issue on dev environment. But the solution is make a proper config on codespaces or rails app. What I say is a turnaround maybe in few months we can see more info in codespaces documentation. If you wanna solve it you can execute the app in your local computer and you will not have the Authentication Controller Token issue

Thank you for your answer Antonio.

Yo alsow can put the code in application.controller.rb

class ApplicationController < ActionController::Base if Rails.env.development? skip_before_action :verify_authenticity_token end end

To avoid use it in every controller you have

I ran into the same problem. Fixed by using the “preview” URL instead. In your case, try adding “.preview” to the URL like so:

https://cautious-space-acorn-x5jx45946ggfr6j-3000.preview.app.github.dev

(instead of “https://cautious-space-acorn-x5jx45946ggfr6j-3000.app.github.dev”)