Rails 3.2 app on Heroku with Devise: cannot log in using Mobile Safari

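I've built a simple Rails application and deployed it to Heroku. The application uses Devise for authentication. Everything works fine in the development and production environments, except when logging in through the Mobile Safari browser on iOS.

The Heroku log says: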

    2012-10-17T18:56:52+00:00 app[web.1]: Started POST "/users/sign_in" for 87.123.175.106 at 2012-10-17 20:56:52 +0200
    2012-10-17T18:56:52+00:00 app[web.1]: Processing by Devise::SessionsController#create as HTML
    2012-10-17T18:56:52+00:00 app[web.1]: Parameters: {"utf8"=>"✓", "authenticity_token"=>"SHHVgAxRFJ8VFu2cnbh/YGn6s6q0L9Mnp24x9Whu2mk=", "user"=>{"name"=>"test", "password"=>"[FILTERED]"}, "commit"=>"anmelden"}
    2012-10-17T18:56:52+00:00 app[web.1]: WARNING: Can't verify CSRF token authenticity
    2012-10-17T18:56:53+00:00 app[web.1]: Redirected to http://xxxxxxxx.herokuapp.com/

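Other iOS browsers (such as Opera) do not have this problem. I haven't done anything custom to Devise (other than adding a username); it is out of the box.

I've read several posts in which problems with iOS and CSRF tokens are vaguely mentioned, but I am quite new to Rails and don't know how to solve this. Can anyone help?

Update:

As suggested in this post, I commented out protect_from_forgery in application_controller.rb and commented out protect_from_forgery in application.html.erb. In addition, I added :domain => :all to config/session_store.rb.

That didn't help. Obviously, I no longer get the Can't verify CSRF token authenticity error, but the following log: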

    2012-10-18T18:19:03+00:00 app[web.1]: Started POST "/users/sign_in" for 87.123.130.136 at 2012-10-18 20:19:03 +0200
    2012-10-18T18:19:03+00:00 app[web.1]: Processing by Devise::SessionsController#create as HTML
    2012-10-18T18:19:03+00:00 app[web.1]: Parameters: {"utf8"=>"✓", "authenticity_token"=>"Q+fF+9Sj2Q+X2VV34Jkrt1K8C3u4/NB6YC3yslYjkyQ=", "user"=>{"name"=>"test", "password"=>"[FILTERED]"}, "commit"=>"anmelden"}
    2012-10-18T18:19:03+00:00 heroku[router]: POST pacific-beyond-5428.herokuapp.com/users/sign_in dyno=web.1 queue=0 wait=0ms service=783ms status=302 bytes=107
    2012-10-18T18:19:03+00:00 app[web.1]: Redirected to http://pacific-beyond-5428.herokuapp.com/
    2012-10-18T18:19:03+00:00 app[web.1]: Completed 302 Found in 577ms (ActiveRecord: 0.0ms)
    2012-10-18T18:19:04+00:00 app[web.1]:
    2012-10-18T18:19:04+00:00 app[web.1]:
    2012-10-18T18:19:04+00:00 app[web.1]: Started GET "/" for 87.123.130.136 at 2012-10-18 20:19:04 +0200
    2012-10-18T18:19:04+00:00 app[web.1]: Processing by HomeController#index as HTML
    2012-10-18T18:19:04+00:00 app[web.1]: Completed 401 Unauthorized in 0ms
    2012-10-18T18:19:04+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/ dyno=web.1 queue=0 wait=0ms service=12ms status=302 bytes=120
    2012-10-18T18:19:04+00:00 app[web.1]:
    2012-10-18T18:19:04+00:00 app[web.1]: Started GET "/users/sign_in" for 87.123.130.136 at 2012-10-18 20:19:04 +0200
    2012-10-18T18:19:04+00:00 app[web.1]: Processing by Devise::SessionsController#new as HTML
    2012-10-18T18:19:04+00:00 app[web.1]:
    2012-10-18T18:19:04+00:00 app[web.1]: Rendered layouts/_navigation.html.erb (1.4ms)
    2012-10-18T18:19:04+00:00 app[web.1]: Rendered devise/shared/_links.html.erb (0.7ms)
    2012-10-18T18:19:04+00:00 app[web.1]: Rendered devise/sessions/new.html.erb within layouts/application (25.8ms)
    2012-10-18T18:19:04+00:00 app[web.1]: Rendered layouts/_messages.html.erb (0.4ms)
    2012-10-18T18:19:04+00:00 app[web.1]: Rendered layouts/_sidebar.html.erb (0.3ms)
    2012-10-18T18:19:04+00:00 app[web.1]: Completed 200 OK in 33ms (Views: 31.9ms | ActiveRecord: 0.0ms)
    2012-10-18T18:19:04+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/users/sign_in dyno=web.1 queue=0 wait=0ms service=44ms status=200 bytes=2361
    2012-10-18T18:19:04+00:00 app[web.1]:
    2012-10-18T18:19:04+00:00 app[web.1]:
    2012-10-18T18:19:04+00:00 app[web.1]: Started GET "/assets/foundation/app.js" for 87.123.130.136 at 2012-10-18 20:19:04 +0200
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/app.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Served asset /foundation/app.js - 304 Not Modified (282ms)
    2012-10-18T18:19:05+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/assets/foundation/app.js dyno=web.1 queue=0 wait=0ms service=297ms status=304 bytes=0
    2012-10-18T18:19:05+00:00 app[web.1]:
    2012-10-18T18:19:05+00:00 app[web.1]:
    2012-10-18T18:19:05+00:00 app[web.1]: Started GET "/assets/foundation/index.js" for 87.123.130.136 at 2012-10-18 20:19:05 +0200
    2012-10-18T18:19:05+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/assets/foundation/index.js dyno=web.1 queue=0 wait=0ms service=905ms status=304 bytes=0
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/modernizr.foundation.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.placeholder.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.alerts.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.accordion.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.buttons.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.tooltips.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.forms.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.tabs.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.navigation.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.topbar.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.reveal.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.orbit.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.mediaQueryToggle.js (0ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/index.js (86ms) (pid 2)
    2012-10-18T18:19:05+00:00 app[web.1]: Served asset /foundation/index.js - 304 Not Modified (616ms)

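Does anyone have an idea?

I saw the same symptoms in the Heroku logs in production:

  • WARNING: Can't verify CSRF token authenticity
  • After the login attempt, a 401 Unauthorized redirect.

My resolution was to add domain: :all to config/initializers/session_store.rb.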
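
The symptom both posts describe (a sign-in POST answered with a redirect, then a 401 Unauthorized on the next request, sometimes with the CSRF warning) can be checked for in the app log. The following Ruby script is an added example, not code from either poster; `parse_requests`, `lost_sessions`, the 5-second window and the sample log lines are assumptions made for the illustration.

```ruby
require "time"

# Constructed sample in the format of the Heroku app log quoted in the question
# (documentation IP addresses, not values from the page).
SAMPLE_LOG = <<~LOG
  2012-10-18T18:19:03+00:00 app[web.1]: Started POST "/users/sign_in" for 203.0.113.7 at 2012-10-18 20:19:03 +0200
  2012-10-18T18:19:03+00:00 app[web.1]: WARNING: Can't verify CSRF token authenticity
  2012-10-18T18:19:03+00:00 app[web.1]: Completed 302 Found in 577ms (ActiveRecord: 0.0ms)
  2012-10-18T18:19:04+00:00 app[web.1]: Started GET "/" for 203.0.113.7 at 2012-10-18 20:19:04 +0200
  2012-10-18T18:19:04+00:00 app[web.1]: Completed 401 Unauthorized in 0ms
  2012-10-18T18:25:10+00:00 app[web.1]: Started POST "/users/sign_in" for 198.51.100.9 at 2012-10-18 20:25:10 +0200
  2012-10-18T18:25:10+00:00 app[web.1]: Completed 302 Found in 410ms (ActiveRecord: 2.1ms)
  2012-10-18T18:25:11+00:00 app[web.1]: Started GET "/" for 198.51.100.9 at 2012-10-18 20:25:11 +0200
  2012-10-18T18:25:11+00:00 app[web.1]: Completed 200 OK in 21ms (Views: 19.0ms | ActiveRecord: 0.0ms)
LOG

STARTED   = /\A(\S+) app\[[^\]]+\]: Started (\w+) "([^"]+)" for (\S+)/
COMPLETED = /app\[[^\]]+\]: Completed (\d{3}) /
CSRF_WARN = "Can't verify CSRF token authenticity"
Request   = Struct.new(:time, :verb, :path, :ip, :status, :csrf_warning)

# Group log lines into requests: a "Started" line opens a request and the lines
# up to the next "Started" are attributed to it (assumes one dyno, no interleaving).
def parse_requests(log)
  requests = []
  log.each_line do |line|
    if (m = STARTED.match(line))
      requests << Request.new(Time.iso8601(m[1]), m[2], m[3], m[4], nil, false)
    elsif requests.any?
      requests.last.status = Regexp.last_match(1).to_i if COMPLETED =~ line
      requests.last.csrf_warning = true if line.include?(CSRF_WARN)
    end
  end
  requests
end

# Flag sign-ins that were redirected (302) but whose next request from the same
# client within `window` seconds got 401: the session did not survive the redirect.
def lost_sessions(requests, sign_in_path: "/users/sign_in", window: 5)
  requests.each_with_index.filter_map do |req, i|
    next unless req.verb == "POST" && req.path == sign_in_path && req.status == 302
    nxt = requests[(i + 1)..].find { |r| r.ip == req.ip }
    next unless nxt && nxt.status == 401 && nxt.time - req.time <= window
    { ip: req.ip, at: req.time, csrf_warning: req.csrf_warning }
  end
end

puts lost_sessions(parse_requests(SAMPLE_LOG)).inspect if __FILE__ == $PROGRAM_NAME
```

In the question's second log the warning is absent because the check was commented out, yet the 401 remains, which is why the script keys on the 302-then-401 sequence and reports the warning only as an extra flag.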