I've almost entirely converted a rails 2.3.5 app to 3pre. I'm having
some trouble with protect_from_forgery. I had protect_from_forgery set
in application_controller.rb, but run some uploadify ajax stuff in one
of my controllers, where I had protect_from_forgery, :except
=> :add_file set.
In rails 3 I'm getting ActionController::InvalidAuthenticityToken on
the ajax upload unless I turn off protect_from_forgery completely in
application_controller.rb. Seems like the exception in my FileUpload
controller (protect_from_forgery :except => :add_file) isn't taking.
Has anyone else experienced this. Should I report a bug or am I doing
Thanks in advance,