I’m using rails-ckeditor and I’m getting a 401 exception any time I try to upload an image using the “Browse Server” and then “Upload” buttons. I’m securing my site right now using simple basic authentication as such:
class ApplicationController < ActionController::Base
  protect_from_forgery
  before_filter :authenticate

  def logged_in?
    # cookies[:auth].present?
  end

  def authenticate
    # unless logged_in?
    authenticate_or_request_with_http_basic do |login, password|
      if(login == "user1" && password == "password")
        cookies.permanent.signed[:auth] = login
      end
    end
    # end
  end

  def current_church
    @current_church ||= Church.first
  end
end
If I disable basic authentication everything works fine. Is there a remedy for this?
Thanks -wg
Problem is with using SWFUpload (flash) to send up cookies.
This link got me looking in the right direction:
http://ruby-on-rails-development.co.uk/2011/05/23/securing-ckeditor-file-management
The solution is to follow the directions from that article with the following additions:
In the flash_session_cookie_middleware.rb file add
env['HTTP_COOKIE'] = [ 'auth', params['auth'] ].join('=').freeze
In the base_helper.rb file (under /app/helpers/ckeditor) add the following:
options['auth'] = Rack::Utils.escape(cookies[:auth])
The latest source for this gem handles session-based tokens and the authenticity token already. This simple hack is only needed if you're going with a cookie-based approach to managing your authentication ticket.
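An added example, not code from the post, the linked article or the gem: a Rack-style middleware that promotes the `auth` request parameter to a cookie only for Flash uploads under the editor's path, and merges it into the existing `Cookie` header instead of replacing that header. The class name, the `/ckeditor` path prefix, the Flash user-agent pattern and reading the value from the query string are assumptions.

```ruby
require 'uri'

# Hypothetical middleware; class name and defaults are assumptions for illustration.
class FlashAuthCookieMiddleware
  FLASH_UA = /\A(Adobe|Shockwave) Flash/ # assumed Flash player user-agent prefix

  def initialize(app, cookie_name: 'auth', path_prefix: '/ckeditor')
    @app = app
    @cookie_name = cookie_name
    @path_prefix = path_prefix # assumed mount point of the editor's upload routes
  end

  def call(env)
    if flash_upload?(env)
      token = query_params(env)[@cookie_name]
      # Only touch the header when the parameter is actually present.
      env['HTTP_COOKIE'] = merge_cookie(env['HTTP_COOKIE'], token) if token && !token.empty?
    end
    @app.call(env)
  end

  private

  # Limit the parameter-to-cookie promotion to Flash POSTs on the upload path,
  # so ordinary browser requests cannot supply a cookie through the URL.
  def flash_upload?(env)
    env['REQUEST_METHOD'] == 'POST' &&
      env['PATH_INFO'].to_s.start_with?(@path_prefix) &&
      env['HTTP_USER_AGENT'].to_s.match?(FLASH_UA)
  end

  def query_params(env)
    URI.decode_www_form(env['QUERY_STRING'].to_s).to_h
  end

  # Keep cookies the client did send (e.g. the session) and replace only ours.
  def merge_cookie(header, token)
    kept = header.to_s.split(/;\s*/).reject { |c| c.start_with?("#{@cookie_name}=") }
    (kept << "#{@cookie_name}=#{URI.encode_www_form_component(token)}").join('; ')
  end
end
```

The downstream `cookies.signed[:auth]` lookup still verifies the signature, so a value that was not issued by the application is rejected there.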