I'm developing a Rails app. I have generated all my resources using the scaffold generator, and now I'm working on javascript, on an AJAX function.
I saw that if I request /entities/1.json, it returns JSON data for the record with id=1, so I was wondering if it's possible to do other CRUD operations the same way with GET/POST http requests using routes like /entities/new.json or so, that is, make an AJAX request sending post data as JSON.
Can you guide me on how to do that?
As you saw, scaffolds generates proper url and code for both HTML and json, so sending a POST to create a resource should work without problems.
You can find more info in the Rails guides about JavaScript and JSON
Related
Well, so far in each article I see people say server respond accordingly to the request type. If it is xml request then response is in xml and if it is ajax or html then response is in ajax or html. Browser send the request and server respond accordingly. My question is in rails app in which part this decision is taken? That is by server which part of the rails app we indicate?
This decision is taken inside the controller of the rails MVC framework and can be modified by the user. The user may wish not to respond to a particular type of request.
The distinction is made by suffix in URI, eg. ..../users/123.json. And You do it by yourself in controller.
According to the Rails security guide, if you use protect_from_forgery, all non-GET requests include an authenticity token. When I have Jquery AJAX POST requests, however, I don't see the authenticity_token param as one of the params in the request. Is this how it's supposed to work?
Also, it seems that POST requests from outside a session (curl in a script) don't require an authencity_token, either.
Thanks!
Rails will send this parameter in the headers rather than in the post data. You need to include the built in rails UJS library to get this to work. Take a look at the headers in your request and you should see one called X-CSRF-Token.
Using Rails, I have a HTTP endpoint that returns an array of the records (media files) linked to a playlist in JSON format.
The client side caching is done by checking the date of the playlist and generate the appropriate etag with Rails' stale?(#playlist) in the /playlist/id/media_files.json response.
Now I would like to implement pagination but trying to keep, to some degree, client side caching.
Is there some smart approach I can take or am I forced to respond to all requests with a 200 and always pumping data down the wire to the clients?
How do you handle pagination (server, client) caching in API?
When I use page caching in Rails and I have to deal with pagination I just put the page in the URL. So, if for example, I have a resource that looks like this:
resource :users
I change it for (add a new line):
get 'users/page/:page', to: 'users#index'
resource :users
I am not sure what client side you are using, but the idea here is that you want to cache individual pages separately. Since the page is now part of the URL, you have each page cached and your problem should be solved :)
I'm working on a Ruby on Rails project where we want to automate some form submissions. How do we simulate posting a form from inside a controller method?
You could follow the POST below to use net/http to do a form post to an external or internal HTTP end point.
Submitting POST data from the controller in rails to another website
or you could use a popular HTTP client or REST client like httparty, wrest, mechanize etc. Look at the list here. https://www.ruby-toolbox.com/projects/rest-client
I want to grant users access to my API (hosted on heroku.com) from their sites.
But a strange problem occurs, when i want them to allow to post to the api:
Data sent from an correct form with the correct action-url (e.g. "http://myapp.com/projects/123/tasks/321/todos") - the params get serialized and send via jQuery - i encounter an "ActionController::MethodNotAllowed" with the additional info: "Only get and post requests are allowed", that re-routes to ApplicationController#index with :method => :options.
Rails doesnt extract the params for project_id (123) and task_id (321) from the url, neither are any further request_parameters, path_parameters or query_parameters available.
This behaviour occurs, when I POST from external sites, but doesn't occur, when posting from an html-page on my local machine. My first thought was about wrong encoding, but how to fix that problem.
Edit:
I am using authlogic (not devise :-D) and for the :create action the protect_from_forgery is already skipped.
Any suggestions appreciated
i guess that happens because rails tries to protect your form CSRF attacks.
you can comment out the protect_from_forgery line in your ApplicationController to test it.
but im not sure if thats the right way of dealing with this issue in the production environment.
Okay. I'll try and answer the right question this time (see other comment).
So I've thought about this, and I'm wondering, is this a case of the jQuery call attempting a PUT request? When you use the local form Rails will POST the data, but add the extra _method field to emulate a PUT.
Don't know if you are using jquery-rails, but this takes care of setting the _method parameter, and the PUT/POST verb translation for you in your AJAX calls.
The problem occured due to the cross domain policy - the request was made from another domain - and because I was using a recent browser that supports CORS, it was sending an OPTIONS-request first to get known from the server, which actions are allowed for this domain.