Increasing from 1 Dyno to 2 creates authenticity_token error - ruby-on-rails

I am new to rails and heroku and have created a basic app. I have been playing around in Heroku for the last couple of weeks using just 1 dyno. Now I have increased to two and am getting CSRF errors because the authenticity token is being reset once the second dyno gets involved. At least this is what I think. But I am still learning.
I have heard a lot in podcasts etc about Resque, Sidekiq, memcached and dalli. Is this something I need to go and learn so I can figure out how to persist this users session why there are multiple dynos.
This is a follow on from an early question but I am not sure if they are related or not. Also I am running with phusion passenger.
2014-05-17T08:46:59.603754+00:00 app[web.2]: App 120 stdout: Started POST "/users/sign_in" for 58.7.233.232 at 2014-05-17 08:46:59 +0000
2014-05-17T08:46:59.603819+00:00 app[web.2]: App 120 stdout: Processing by Devise::SessionsController#create as HTML
2014-05-17T08:46:59.603854+00:00 app[web.2]: App 120 stdout: Parameters: {"utf8"=>"✓", "authenticity_token"=>"GalqKSrYuU2l9o2vxo3aWeqf4Xfvy+g5GAWbSXC6pvc=", "user"=>{"email"=>"admin.user#domain.com", "password"=>"[FILTERED]"}, "commit"=>"Login"}
2014-05-17T08:46:59.957414+00:00 heroku[router]: at=info method=POST path=/users/sign_in host=slapp.herokuapp.com request_id=f58dcf4f-a95f-4280-b0f9-4de593992774 fwd="58.7.233.232" dyno=web.2 connect=2ms service=599ms status=302 bytes=1408
2014-05-17T08:47:00.223198+00:00 heroku[router]: at=info method=GET path=/ host=slapp.herokuapp.com request_id=ddb2c5cc-0cc1-401b-ae98-b3c84a0fd8f7 fwd="58.7.233.232" dyno=web.1 connect=0ms service=15ms status=302 bytes=1178
2014-05-17T08:47:00.722430+00:00 heroku[router]: at=info method=GET path=/users/sign_in host=slapp.herokuapp.com request_id=20ab26a9-6b46-4b12-8019-a297fa63d324 fwd="58.7.233.232" dyno=web.2 connect=1ms service=49ms status=200 bytes=3069
2014-05-17T08:47:00.603875+00:00 app[web.2]: App 120 stdout: Redirected to https://slapp.herokuapp.com/
2014-05-17T08:47:00.603961+00:00 app[web.2]: App 120 stdout: Completed 302 Found in 547ms (ActiveRecord: 8.4ms)
2014-05-17T08:47:01.037974+00:00 app[web.1]: App 120 stdout: Started GET "/" for 58.7.233.232 at 2014-05-17 08:47:00 +0000
2014-05-17T08:47:01.037983+00:00 app[web.1]: App 120 stdout: Processing by StaticPagesController#index as HTML
2014-05-17T08:47:01.037987+00:00 app[web.1]: App 120 stdout: Completed 401 Unauthorized in 2ms
2014-05-17T08:47:01.604254+00:00 app[web.2]: App 120 stdout: Rendered layouts/_shim.html.haml (3.0ms)
2014-05-17T08:47:01.604275+00:00 app[web.2]: App 120 stdout: Rendered layouts/_navigation.html.haml (4.5ms)
2014-05-17T08:47:01.604377+00:00 app[web.2]: App 120 stdout: Completed 200 OK in 30ms (Views: 22.2ms | ActiveRecord: 0.0ms)
2014-05-17T08:47:01.604203+00:00 app[web.2]: App 120 stdout: Rendered devise/sessions/new.html.haml within layouts/application (9.5ms)
2014-05-17T08:47:01.604088+00:00 app[web.2]: App 120 stdout: Started GET "/users/sign_in" for 58.7.233.232 at 2014-05-17 08:47:00 +0000
2014-05-17T08:47:01.604302+00:00 app[web.2]: App 120 stdout: Rendered shared/_flash_messages.html.haml (0.3ms)
2014-05-17T08:47:01.604175+00:00 app[web.2]: App 120 stdout: Processing by Devise::SessionsController#new as HTML
2014-05-17T08:47:01.604335+00:00 app[web.2]: App 120 stdout: Rendered layouts/_footer.html.haml (0.3ms)

I had this problem too, with devise 3.2.4, rails 4.0.5 and unicorn.
I generated and stored secret token to a disk. But each heroku dyno has their own filesystem, so both dynos had their own secret token. When the request went to the other dyno, it used the other secret token and session got killed.
The token must be stored to the env variable and used from secret_token.rb like this:
YourApp::Application.config.secret_key_base = ENV['SECRET_TOKEN']
Generate the token
rake secret
And set it with
heroku config:set SECRET_TOKEN=yourtoken

Related

How to fix "Client Request Interrupted" error in Heroku (with a rails app)?

I deployed my rails app on Heroku.
When I try to create a new profile, my app crashes. My logs display a Client Request Interrupted error. You can see my logs below.
I searched this error on heroku dev center: https://devcenter.heroku.com/changelog-items/662
On this page (https://devcenter.heroku.com/changelog-items/662):
It said : "This error will be logged if the client socket was closed either in the middle of the request or before a response could be returned."
Then
"This error condition caused an H18 to be logged and the sock field could be used to differentiate between what are now H18 and H27 errors. "
H18 - Server Request Interrupted
The backend socket, belonging to your app’s web process was closed before the backend returned an HTTP response.
2019-02-05T15:53:19.905345+00:00 app[web.1]: bundler: failed to load command: puma (/app/vendor/bundle/ruby/2.5.0/bin/puma)
2019-02-05T15:53:19.905399+00:00 app[web.1]: SignalException: SIGTERM
2019-02-05T15:53:19.905401+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/gems/puma-3.12.0/lib/puma/launcher.rb:398:in `block in setup_signals'
2019-02-05T15:53:19.905406+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/gems/puma-3.12.0/lib/puma/single.rb:115:in `join'
2019-02-05T15:53:19.905407+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/gems/puma-3.12.0/lib/puma/single.rb:115:in `run'
2019-02-05T15:53:19.905409+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/gems/puma-3.12.0/lib/puma/launcher.rb:184:in `run'
2019-02-05T15:53:19.905410+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/gems/puma-3.12.0/lib/puma/cli.rb:78:in `run'
2019-02-05T15:53:19.905412+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/gems/puma-3.12.0/bin/puma:10:in `<top (required)>'
2019-02-05T15:53:19.905414+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/bin/puma:23:in `load'
2019-02-05T15:53:19.905415+00:00 app[web.1]: /app/vendor/bundle/ruby/2.5.0/bin/puma:23:in `<top (required)>'
2019-02-05T21:33:39.526627+00:00 heroku[web.1]: Unidling
2019-02-05T21:33:53.579585+00:00 app[web.1]: Puma starting in single mode...
2019-02-05T21:33:53.579631+00:00 app[web.1]: * Version 3.12.0 (ruby 2.5.3-p105), codename: Llamas in Pajamas
2019-02-05T21:33:53.579632+00:00 app[web.1]: * Min threads: 5, max threads: 5
2019-02-05T21:33:53.579634+00:00 app[web.1]: * Environment: production
2019-02-05T21:34:00.063370+00:00 heroku[web.1]: State changed from starting to up
2019-02-05T21:33:59.640588+00:00 app[web.1]: * Listening on tcp://0.0.0.0:11397
2019-02-05T21:33:59.642173+00:00 app[web.1]: Use Ctrl-C to stop
2019-02-05T21:34:02.204235+00:00 heroku[router]: sock=client at=warning code=H27 desc="Client Request Interrupted" method=GET path="/" host=agora-challenge.herokuapp.com request_id=9d994b8b-eff4-4088-b2be-a42b14fec708 fwd="209.17.96.226" dyno=web.1 connect=1ms service=119ms status=499 bytes= protocol=https
The important part to notice is the sock=client which means that the request was interrupted at the request of the client:
2019-02-05T21:34:02.204235+00:00 heroku[router]: sock=client at=warning code=H27 desc="Client Request Interrupted" method=GET path="/" host=agora-challenge.herokuapp.com request_id=9d994b8b-eff4-4088-b2be-a42b14fec708 fwd="209.17.96.226" dyno=web.1 connect=1ms service=119ms status=499 bytes= protocol=https
I didn't understand either Heroku dev center explanations nor previous Stack Overflow questions.
Thanks a lot for your answers.

not getting what heroku logs are saying

I have deployed app on Heroku but app is not working( I got this message on browser "We're sorry, but something went wrong. If you are the application owner check the logs for more information.") when I checked log I found below message.Can anyone tell me what is the meaning of it?
Stopping all processes with SIGTERM
2018-01-20T10:54:29.710117+00:00 app[web.1]: - Gracefully stopping, waiting for requests to finish
2018-01-20T10:54:29.710722+00:00 app[web.1]: === puma shutdown: 2018-01-20 10:54:29 +0000 ===
2018-01-20T10:54:29.710724+00:00 app[web.1]: - Goodbye!
2018-01-20T10:54:29.710881+00:00 app[web.1]: Exiting
2018-01-20T10:54:29.837650+00:00 heroku[web.1]: Process exited with status 143
2018-01-20T10:54:39.660402+00:00 heroku[web.1]: Starting process with command `bin/rails server -p 38017 -e production`
2018-01-20T10:54:45.686497+00:00 app[web.1]: DEPRECATION WARNING: `config.serve_static_files` is deprecated and will be removed in Rails 5.1.
2018-01-20T10:54:45.686528+00:00 app[web.1]: Please use `config.public_file_server.enabled = true` instead.
2018-01-20T10:54:45.686586+00:00 app[web.1]: (called from block in <top (required)> at /app/config/environments/production.rb:6)
2018-01-20T10:54:47.277792+00:00 app[web.1]: => Booting Puma
2018-01-20T10:54:47.277810+00:00 app[web.1]: => Rails 5.0.6 application starting in production on http://0.0.0.0:38017
2018-01-20T10:54:47.277812+00:00 app[web.1]: => Run `rails server -h` for more startup options
2018-01-20T10:54:47.277818+00:00 app[web.1]: * Version 3.10.0 (ruby 2.3.4-p301), codename: Russell's Teapot
2018-01-20T10:54:47.277813+00:00 app[web.1]: Puma starting in single mode...
2018-01-20T10:54:47.277819+00:00 app[web.1]: * Min threads: 0, max threads: 16
2018-01-20T10:54:47.277908+00:00 app[web.1]: * Listening on tcp://0.0.0.0:38017
2018-01-20T10:54:47.277820+00:00 app[web.1]: * Environment: production
2018-01-20T10:54:47.278132+00:00 app[web.1]: Use Ctrl-C to stop
2018-01-20T10:54:47.817688+00:00 heroku[web.1]: State changed from starting to up
2018-01-20T10:56:14.896122+00:00 heroku[router]: at=info method=GET path="/" host=salty-peak-94323.herokuapp.com request_id=85b8c594-2d92-4e76-9060-01caf2307a44 fwd="45.115.104.19" dyno=web.1 connect=0ms service=268ms status=500 bytes=1735 protocol=https
2018-01-20T10:59:49.774607+00:00 heroku[router]: at=info method=GET path="/" host=salty-peak-94323.herokuapp.com request_id=d60e4280-6d74-42ff-93e4-5a47dcc3bc93 fwd="45.115.104.19" dyno=web.1 connect=0ms service=41ms status=500 bytes=1735 protocol=https
The logs says DEPRECATION WARNING: config.serve_static_files is deprecated and will be removed in Rails 5.1, Please use config.public_file_server.enabled = true instead, So try to change this to what it is saying, Although i believe it is just a warning and it should not break your app but i found a related question to this one, Here it is, Hope it helps

Deploying grails application to Heroku

I'm trying to deploy Grails application to Heroku for the first time , and it's successfully deployed as per their log :
|Done creating WAR target/PatientBoards-0.1.war
-----> No server directory found. Adding webapp-runner 7.0.57.2 automatically.
-----> Discovering process types
Procfile declares types -> (none)
Default types for buildpack -> web
-----> Compressing... done, 132.4MB
-----> Launching... done, v5
https://patientboards.herokuapp.com/ deployed to Heroku
But when I go to https://patientboards.herokuapp.com the page is blank ! although i tried it locally and the application is working fine .
i found this in the log:
2015-11-24T23:22:38.752616+00:00 app[web.1]: INFO: Illegal access: this web application instance has been stopped already. Could not load net.sf.ehcache.store.disk.DiskStore$KeySet. The eventual following stack trace is caused by an error thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access, and has no functional impact.
2015-11-24T23:22:38.752617+00:00 app[web.1]: java.lang.IllegalStateException
2015-11-24T23:22:38.752618+00:00 app[web.1]: at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1612)
2015-11-24T23:22:38.752618+00:00 app[web.1]: at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1571)
2015-11-24T23:22:38.752619+00:00 app[web.1]: at net.sf.ehcache.store.disk.DiskStore.keySet(DiskStore.java:610)
2015-11-24T23:22:38.752624+00:00 app[web.1]: at net.sf.ehcache.store.disk.DiskStorageFactory$DiskExpiryTask.run(DiskStorageFactory.java:817)
2015-11-24T23:22:38.752625+00:00 app[web.1]: at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
2015-11-24T23:22:38.752647+00:00 app[web.1]: at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
2015-11-24T23:22:38.752648+00:00 app[web.1]: at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
2015-11-24T23:22:38.752648+00:00 app[web.1]: at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
2015-11-24T23:22:38.752649+00:00 app[web.1]: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
2015-11-24T23:22:38.752649+00:00 app[web.1]: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
2015-11-24T23:22:38.752650+00:00 app[web.1]: at java.lang.Thread.run(Thread.java:745)
2015-11-24T23:22:38.752651+00:00 app[web.1]:
2015-11-24T23:25:38.811300+00:00 app[web.1]: Nov 24, 2015 11:25:38 PM org.apache.catalina.loader.WebappClassLoader loadClass
2015-11-24T23:25:38.811307+00:00 app[web.1]: INFO: Illegal access: this web application instance has been stopped already. Could not load net.sf.ehcache.util.concurrent.ConcurrentHashMap$ValueIterator. The eventual following stack trace is caused by an error thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access, and has no functional impact.
2015-11-24T23:25:38.811309+00:00 app[web.1]: java.lang.IllegalStateException
2015-11-24T23:25:38.811310+00:00 app[web.1]: at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1612)
2015-11-24T23:25:38.811311+00:00 app[web.1]: at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1571)
2015-11-24T23:25:38.811312+00:00 app[web.1]: at net.sf.ehcache.util.concurrent.ConcurrentHashMap$ValuesView.iterator(ConcurrentHashMap.java:3252)
2015-11-24T23:25:38.811312+00:00 app[web.1]: at net.sf.ehcache.statistics.extended.ExtendedStatisticsImpl$1.run(ExtendedStatisticsImpl.java:104)
2015-11-24T23:25:38.811313+00:00 app[web.1]: at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
2015-11-24T23:25:38.811314+00:00 app[web.1]: at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
2015-11-24T23:25:38.811315+00:00 app[web.1]: at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
2015-11-24T23:25:38.811315+00:00 app[web.1]: at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
2015-11-24T23:25:38.811316+00:00 app[web.1]: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
2015-11-24T23:25:38.811317+00:00 app[web.1]: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
2015-11-24T23:25:38.811318+00:00 app[web.1]: at java.lang.Thread.run(Thread.java:745)
2015-11-24T23:25:38.811319+00:00 app[web.1]:
2015-11-24T23:27:24.541959+00:00 heroku[router]: at=info method=GET path="/" host=patientboards.herokuapp.com request_id=264982a9-7c89-492d-bf01-0aa72639cd75 fwd="176.61.71.119" dyno=web.1 connect=0ms service=28ms status=404 bytes=128
Am I missing something ?
Thanks

Pages not rendering properly on Heroku

Hi I am in the midst of Ruby on Rails tutorial. MY pages are rendering perfectly on the localserver but NOT on Heroku. I have run the command "heroku run rake db:migrate". I also have gone through the Heroku logs. I am just not sure how to read them.
I am wondering if it has to do with my stylesheets but I replicated whatever was on my local server to github and heroku so not sure why it can't read it.
I am add a part of the logfile. I wish I could show snapshots but unfortunately I don't have rights to do so.
I would appreciate any help and tips on debugging this problem.
====logfile===========================================
2012-03-19T18:22:42+00:00 heroku[web.1]: State changed from starting to up
2012-03-19T18:22:43+00:00 app[web.1]: => Booting WEBrick
2012-03-19T18:22:43+00:00 app[web.1]: => Rails 3.2.0 application starting in production on http://0.0.0.0:36524
2012-03-19T18:22:43+00:00 app[web.1]: => Call with -d to detach
2012-03-19T18:22:43+00:00 app[web.1]: => Ctrl-C to shutdown server
2012-03-19T18:22:43+00:00 app[web.1]:
2012-03-19T18:22:43+00:00 app[web.1]:
2012-03-19T18:22:43+00:00 app[web.1]: Started GET "/" for 68.81.36.121 at 2012-03-19 18:22:43 +0000
2012-03-19T18:22:44+00:00 app[web.1]: Processing by StaticPagesController#home as HTML
2012-03-19T18:22:44+00:00 app[web.1]: Rendered static_pages/home.html.erb within layouts/application (11.2ms)
2012-03-19T18:22:44+00:00 app[web.1]: Rendered layouts/_shim.html.erb (0.2ms)
2012-03-19T18:22:44+00:00 app[web.1]: Rendered layouts/_header.html.erb (1.9ms)
2012-03-19T18:22:44+00:00 app[web.1]: Rendered layouts/_footer.html.erb (1.5ms)
2012-03-19T18:22:44+00:00 app[web.1]: Completed 200 OK in 76ms (Views: 75.7ms | ActiveRecord: 0.0ms)
2012-03-19T18:22:44+00:00 app[web.1]: cache: [GET /] miss
2012-03-19T18:22:44+00:00 heroku[router]: GET stormy-mist-1232.herokuapp.com/ dyno=web.1 queue=0 wait=0ms service=850ms status=304 bytes=0
2012-03-19T18:22:47+00:00 heroku[web.1]: State changed from up to bouncing
2012-03-19T18:22:47+00:00 heroku[web.1]: State changed from bouncing to created
2012-03-19T18:22:47+00:00 heroku[web.1]: State changed from created to starting
2012-03-19T18:22:51+00:00 heroku[web.1]: Stopping process with SIGTERM
2012-03-19T18:22:51+00:00 app[web.1]: [2012-03-19 18:22:51] ERROR SignalException: SIGTERM
2012-03-19T18:22:51+00:00 app[web.1]: /usr/local/lib/ruby/1.9.1/webrick/server.rb:90:in `select'
2012-03-19T18:22:55+00:00 heroku[web.1]: Starting process with command bundle exec rails server -p 4160
2012-03-19T18:22:59+00:00 app[web.1]: DEPRECATION WARNING: You have Rails 2.3-style plugins in vendor/plugins! Support for these plugins will be removed in Rails 4.0. Move them out and bundle them in your Gemfile, or fold them in to your app as lib/myplugin/* and config/initializers/myplugin.rb. See the release notes for more on this: "http://weblog.rubyonrails.org/2012/01/04/rails-3-2-0-rc2-has-been-released." (called from at /app/config/environment.rb:5)
2012-03-19T18:22:59+00:00 app[web.1]: DEPRECATION WARNING: You have Rails 2.3-style plugins in vendor/plugins! Support for these plugins will be removed in Rails 4.0. Move them out and bundle them in your Gemfile, or fold them in to your app as lib/myplugin/* and config/initializers/myplugin.rb. See the release notes for more on this: "http://weblog.rubyonrails.org/2012/01/04/rails-3-2-0-rc2-has-been-released". (called from at /app/config/environment.rb:5)
2012-03-19T18:23:01+00:00 heroku[web.1]: Stopping process with SIGKILL
2012-03-19T18:23:01+00:00 heroku[web.1]: Error R12 (Exit timeout) -> Process failed to exit within 10 seconds of SIGTERM
2012-03-19T18:23:02+00:00 heroku[web.1]: Process exited with status 137
2012-03-19T18:23:04+00:00 app[web.1]: [2012-03-19 18:23:04] INFO WEBrick 1.3.1
2012-03-19T18:23:04+00:00 app[web.1]: [2012-03-19 18:23:04] INFO ruby 1.9.2 (2011-07-09) [x86_64-linux]
2012-03-19T18:23:04+00:00 app[web.1]: [2012-03-19 18:23:04] INFO WEBrick::HTTPServer#start: pid=1 port=4160
2012-03-19T18:23:05+
I hope you don't mind but I took the liberty of going to your site myself to see what the problem is. The issue is that you're configuring to use the asset pipeline but none of your assets are compiled. You can verify this is the case by visiting your main CSS file -- you'll notice there's nothing at all there.
This is likely because you forgot to include compilation directives at the top of your application.css. See the asset pipeline guide for full details, but I bet you're missing a line like this at the top of your application.css:
*= require_self
*= require_tree .
I had this problem before too, and I think it had something to do with precompiling your css file. Try going into config/environments/production.rb and add this config.assets.precompile += [ "blueprint/*.css" ]. I am assuming you're using the blueprint css file.

Rails facebook Iframe app error: InvalidAuthenticityToken

I get this error when I acccess my facebook iframe app:
The change you wanted was rejected.
Maybe you tried to change something you didn't have access to.
Heroku logs:
2011-06-05T08:30:41+00:00 app[web.1]: Started POST "/facebook/" for xxxx
03 at 2011-06-05 10:30:41 +0200
2011-06-05T08:30:41+00:00 heroku[router]: POST www.vinderhimlen.dk/facebook/ dyn
o=web.1 queue=0 wait=0ms service=39ms bytes=711
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:41+00:00 app[web.1]: ActionController::InvalidAuthenticityToken
(ActionController::InvalidAuthenticityToken):
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:41+00:00 app[web.1]:
2011-06-05T08:30:45+00:00 heroku[web.1]: Stopping process with SIGTERM
2011-06-05T08:30:45+00:00 app[web.1]: >> Stopping ...
2011-06-05T08:30:45+00:00 heroku[web.1]: Process exited
Iceberg#ICEBERG-PC /c/rails/konkurranceportalen (master)
$
By default, Rails requires a token to be included as a hidden field with every POST.
This protects your app from Cross-Site Request Forgery.
See the Rails Request Forgery Protection documentation.
skip_before_filter :verify_authenticity_token may be useful for further debugging.

Resources