But, for security I want to turn it back on. But I'm unable to get
Flash to send the vars correctly. I am able to grab the auth token
with some Javascript and I then use:
variables = new URLVariables();
variables.authenticity_token = paramList["authenticityToken"];
var request = new URLRequest(UPLOAD_URL);
request.method = URLRequestMethod.POST;
request.data = variables;
Is that correct? The variable in an html rails form uses the same var
"authenticity_token" so I would assume it's the same, but it's not
working.
One gotcha I ran into is authenticity_tokens are not URI-safe, which
was causing intermittent failures for me depending on the value of a
given authenticity_token. So when I’m pulling it from the flashvars I
do:
var
authenticity_token:String=encodeURIComponent(parameters[“authenticity_token”]);
Glancing at the doc for URLVariables, I don’t think it does that for
you; you need to do it yourself.
instead of variables, and still nothing. One thing I did notice... I
made a dynamic field on the stage and put the auth_code in there to
see if it was working. I'm not sure why, but for some reason the field
won't include any + signs. there's spaces there, and when I look in
the form field in html on the same page I have my flash, the spaces
are + signs. Not sure if that's a reason..
It still won’t work. This issue has been discussed in the past (I know cos I participated in it and provided a nice course of action to get it working :-)).
The post is about integrating SWFUpload with Rails and pass it on to attachment_fu, but variants such as custom Flash uploaders and Paperclip instead of attachment_fu should be easy to deduce from my information.
