[Facebooker-talk] InvalidAuthenticityToken when user adds application through facebook registration
George Deglin
george at xapblog.com
Mon Sep 8 19:49:01 EDT 2008
If a user that has not yet signed up for Facebook attempts to visit an
application page facebook presents them with a registration form. After this
form is completed, the application is automatically added to the user's
account and Facebook displays the following message:
Welcome George Tesster! Your account has been created.
[application] has been added to your account.
Facebook also issues a post request similar to the following:
Processing HomeController#index (for 127.0.0.1 at 2008-09-08 16:36:48)
[POST]
Session ID: b3286f3c51ba8da745b45732-1487557007
Parameters: {"fb_sig_time"=>"1220917013.3643",
"fb_sig"=>"95fcf4dabcc91059e5c8452155708142", "installed"=>"1",
"action"=>"inde
x", "fb_sig_session_key"=>"b3286f3c51ba8da745b45732-1487557007",
"auth_token"=>"a3a7138b014d8a4ceedc6fdbc3cd3822", "controller"=
>"home", "fb_sig_expires"=>"0", "fb_sig_added"=>"1",
"fb_sig_api_key"=>"06565c8dc05254276bcffcff049f604b", "fb_sig_profile_updat
e_time"=>"0", "fb_sig_user"=>"1487557007", "fb_sig_registration"=>"1"}
Rails then throws the following error:
ActionController::InvalidAuthenticityToken
(ActionController::InvalidAuthenticityToken):
c:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/request_forgery_protection.rb:86:in
`verify_authenticity_token'
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/facebooker-talk/attachments/20080908/ddc24074/attachment.html>
More information about the Facebooker-talk
mailing list