Should this be working in development mode? For some reason it doesn't.
regards, John
It's working with Ruby1.9.1p243/Rails2.3.4. Check config/environments/development.rb and make sure you don't have "config.action_controller.allow_forgery_protection = false" in there.
Add protect_from_forgery to ApplicationController and you should see a <input type="hidden" name="authenticity_token" value="........./> on your POST pages.
