2

簡単な Rails アプリを作成し、heroku にデプロイしています。アプリは認証にdeviseを使用します。開発環境と本番環境ではすべて正常に動作し、iOS の Mobile Safari ブラウザ経由でログインしようとすると ACCEPT になります。

Heroku のログには次のように書かれています。

2012-10-17T18:56:52+00:00 app[web.1]: Started POST "/users/sign_in" for 87.123.175.106 at 2012-10-17 20:56:52 +0200
2012-10-17T18:56:52+00:00 app[web.1]: Processing by Devise::SessionsController#create as HTML
2012-10-17T18:56:52+00:00 app[web.1]:   Parameters: {"utf8"=>"✓", "authenticity_token"=>"SHHVgAxRFJ8VFu2cnbh/YGn6s6q0L9Mnp24x9Whu2mk=", "user"=>{"name"=>"test", "password"=>"[FILTERED]"}, "commit"=>"anmelden"}
2012-10-17T18:56:52+00:00 app[web.1]: WARNING: Can't verify CSRF token authenticity
2012-10-17T18:56:53+00:00 app[web.1]: Redirected to http://xxxxxxxx.herokuapp.com/

Opera などの他の iOS ブラウザでは問題は発生しません。私は (ユーザー名の追加を除いて) 工夫するカスタムは何もしていません。

iOS と CSRF トークンの問題が漠然と対処されているいくつかの投稿を読みましたが、私はレールにかなり慣れていないため、これを修正する方法が本当にわかりません。誰か助けてくれませんか?

アップデート:

この投稿でアドバイスされprotect_from_forgeryているように、application_controller.rb と application.html.erb でコメントアウトしましたcsrf_meta_tags:domain => :allまた、 config/session_store.rbに追加しました。

何も助けませんでした。明らかに、Can't verify CSRF token authenticityエラーはもう表示されませんが、次のログが表示されます。

2012-10-18T18:19:03+00:00 app[web.1]: Started POST "/users/sign_in" for 87.123.130.136 at 2012-10-18 20:19:03 +0200
2012-10-18T18:19:03+00:00 app[web.1]: Processing by Devise::SessionsController#create as HTML
2012-10-18T18:19:03+00:00 app[web.1]:   Parameters: {"utf8"=>"✓", "authenticity_token"=>"Q+fF+9Sj2Q+X2VV34Jkrt1K8C3u4/NB6YC3yslYjkyQ=", "user"=>{"name"=>"test", "password"=>"[FILTERED]"}, "commit"=>"anmelden"}
2012-10-18T18:19:03+00:00 heroku[router]: POST pacific-beyond-5428.herokuapp.com/users/sign_in dyno=w
eb.1 queue=0 wait=0ms service=783ms status=302 bytes=107
2012-10-18T18:19:03+00:00 app[web.1]: Redirected to http://pacific-beyond-5428.herokuapp.com/
2012-10-18T18:19:03+00:00 app[web.1]: Completed 302 Found in 577ms (ActiveRecord: 0.0ms)
2012-10-18T18:19:04+00:00 app[web.1]: 
2012-10-18T18:19:04+00:00 app[web.1]: 
2012-10-18T18:19:04+00:00 app[web.1]: Started GET "/" for 87.123.130.136 at 2012-10-18 20:19:04 +0200
2012-10-18T18:19:04+00:00 app[web.1]: Processing by HomeController#index as HTML
2012-10-18T18:19:04+00:00 app[web.1]: Completed 401 Unauthorized in 0ms
2012-10-18T18:19:04+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/ dyno=web.1 queue=0 wait=0ms service=12ms status=302 bytes=120
2012-10-18T18:19:04+00:00 app[web.1]: 
2012-10-18T18:19:04+00:00 app[web.1]: Started GET "/users/sign_in" for 87.123.130.136 at 2012-10-18 20:19:04 +0200
2012-10-18T18:19:04+00:00 app[web.1]: Processing by Devise::SessionsController#new as HTML
2012-10-18T18:19:04+00:00 app[web.1]: 
2012-10-18T18:19:04+00:00 app[web.1]:   Rendered layouts/_navigation.html.erb (1.4ms)
2012-10-18T18:19:04+00:00 app[web.1]:   Rendered devise/shared/_links.html.erb (0.7ms)
2012-10-18T18:19:04+00:00 app[web.1]:   Rendered devise/sessions/new.html.erb within layouts/application (25.8ms)
2012-10-18T18:19:04+00:00 app[web.1]:   Rendered layouts/_messages.html.erb (0.4ms)
2012-10-18T18:19:04+00:00 app[web.1]:   Rendered layouts/_sidebar.html.erb (0.3ms)
2012-10-18T18:19:04+00:00 app[web.1]: Completed 200 OK in 33ms (Views: 31.9ms | ActiveRecord: 0.0ms)
2012-10-18T18:19:04+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/users/sign_in dyno=web.1 queue=0 wait=0ms service=44ms status=200 bytes=2361
2012-10-18T18:19:04+00:00 app[web.1]: 
2012-10-18T18:19:04+00:00 app[web.1]: 
2012-10-18T18:19:04+00:00 app[web.1]: Started GET "/assets/foundation/app.js" for 87.123.130.136 at 2012-10-18 20:19:04 +0200
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/app.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Served asset /foundation/app.js - 304 Not Modified (282ms)
2012-10-18T18:19:05+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/assets/foundation/app.js dyno=web.1 queue=0 wait=0ms service=297ms status=304 bytes=0
2012-10-18T18:19:05+00:00 app[web.1]: 
2012-10-18T18:19:05+00:00 app[web.1]: 
2012-10-18T18:19:05+00:00 app[web.1]: Started GET "/assets/foundation/index.js" for 87.123.130.136 at 2012-10-18 20:19:05 +0200
2012-10-18T18:19:05+00:00 heroku[router]: GET pacific-beyond-5428.herokuapp.com/assets/foundation/index.js dyno=web.1 queue=0 wait=0ms service=905ms status=304 bytes=0
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/modernizr.foundation.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.placeholder.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.alerts.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.accordion.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.buttons.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.tooltips.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.forms.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.tabs.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.navigation.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.topbar.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.reveal.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.orbit.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/jquery.foundation.mediaQueryToggle.js  (0ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Compiled foundation/index.js  (86ms)  (pid 2)
2012-10-18T18:19:05+00:00 app[web.1]: Served asset /foundation/index.js - 304 Not Modified (616ms)

誰かのアイデア?

4

1 に答える 1

0

次の Heroku ログで、本番環境で同じ症状が見られるのと同じエラーが発生しました。

  • WARNING: Can't verify CSRF token authenticity
  • そして、ログイン試行後の 401 Unauthorized リダイレクト。

私にとっての解決策は、 in に追加domain: :allすることsession_storeでしたconfig/initializers/session_store.rb

于 2013-03-06T23:06:51.600 に答える