I have a rails app that serves some APIs to an iPhone application. I

Question

0

Asked: May 21, 20262026-05-21T15:44:26+00:00 2026-05-21T15:44:26+00:00

I have a rails app that serves some APIs to an iPhone application. I

0

I have a rails app that serves some APIs to an iPhone application.
I want to be able to simply post on a resource without minding on get the correct CSRF token.
I tried some methods that I see here in stackoverflow but it seems they no longer work on rails 3.

Thank you for helping me.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-21T15:44:27+00:00

Editorial Team

2026-05-21T15:44:27+00:00Added an answer on May 21, 2026 at 3:44 pm

In the controller where you want to disable CSRF the check:

skip_before_action :verify_authenticity_token

Or to disable it for everything except a few methods:

skip_before_action :verify_authenticity_token, :except => [:update, :create]

Or to disable only specified methods:

skip_before_action :verify_authenticity_token, :only => [:custom_auth, :update]

More info: RoR Request Forgery Protection

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a rails app that serves some APIs to an iPhone application. I

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply