Nobody Listens Anyway » protect_from_forgery http://www.justinball.com Life is an optimization issue Sat, 31 Jul 2010 16:47:23 +0000 en hourly 1 http://wordpress.org/?v=3.0-alpha secret given to the #protect_from_forgery call http://www.justinball.com/2008/02/07/secret-given-to-the-protect_from_forgery-call/ http://www.justinball.com/2008/02/07/secret-given-to-the-protect_from_forgery-call/#comments Thu, 07 Feb 2008 19:30:09 +0000 Justin Ball http://www.justinball.com/2008/02/07/secret-given-to-the-protect_from_forgery-call/ My code was running fine under Rails 2.0.2. Then I enabled the db based session store by uncommenting this:

config.action_controller.session_store = :active_record_store

in environment.rb.

Anything that used the session after that gave me this error:

No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store).

If you have the same problem. Go to application.rb and uncomment the secret then restart.

All better.

]]> http://www.justinball.com/2008/02/07/secret-given-to-the-protect_from_forgery-call/feed/ 50