Rails 2.3.2 Ajax posting to XML

I believe this might have already been discussed but i have recently
been thrown an application that was written for rails 1.2.6, and i have
been given the task to upgrade it (please note that im super to new to
ruby as well, but we can't really do anything about that)

basically the pervious person was doing an ajax call using
"path/to5.xml?_method=delete"

and then posting, however with 2.3.2, this is no longer allowed?

What's happening when you do this ? I do vaguely recall a change where
the requests that were exempt from csrf protection changed:

https://rails.lighthouseapp.com/projects/8994/tickets/73-security-bug-request-forgery-protection-checks-for-accept-header-instead-of-content-type-header
https://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/1145-bug-invalidauthenticitytoken-incorrectly-raised-for-xml-controllerdestroy-request

Fred

I write code use flex3 from rails2.2 to rails2.3.

And i got the same question with you.

Rails2.3 do not accept GET params from url.

You may try the other ways by the HTTP Headers. I dnot know if you can change the headers for Ajax.

X_HTTP_METHOD_OVERRIDE=“PUT”