質問編集履歴
4
fix
test
CHANGED
|
File without changes
|
test
CHANGED
|
@@ -26,6 +26,8 @@
|
|
|
26
26
|
|
|
27
27
|
|
|
28
28
|
|
|
29
|
+
(トークンを公開することのリスクがわかってないので念のため伏字におきかえてあります)
|
|
30
|
+
|
|
29
31
|
```
|
|
30
32
|
|
|
31
33
|
I, [2020-12-04T06:06:42.750789 #10006] INFO -- : Started POST "/users/sign_in" for 172.20.1.1 at 2020-12-04 06:06:42 +0000
|
3
fix
test
CHANGED
|
File without changes
|
test
CHANGED
|
@@ -226,6 +226,18 @@
|
|
|
226
226
|
|
|
227
227
|
|
|
228
228
|
|
|
229
|
+
app/views/layouts/application.html.haml には
|
|
230
|
+
|
|
231
|
+
```
|
|
232
|
+
|
|
233
|
+
= csrf_meta_tags
|
|
234
|
+
|
|
235
|
+
```
|
|
236
|
+
|
|
237
|
+
はかかれてあります
|
|
238
|
+
|
|
239
|
+
|
|
240
|
+
|
|
229
241
|
### 試したこと
|
|
230
242
|
|
|
231
243
|
|
2
fix
test
CHANGED
|
File without changes
|
test
CHANGED
|
@@ -50,7 +50,7 @@
|
|
|
50
50
|
|
|
51
51
|
I, [2020-12-04T06:06:44.481082 #10006] INFO -- : Processing by Users::SessionsController#new as HTML
|
|
52
52
|
|
|
53
|
-
I, [2020-12-04T06:06:44.481563 #10006] INFO -- : Parameters: {"utf8"=>"✓", "authenticity_token"=>"xxxxx", "user"=>{"email"=>"test
|
|
53
|
+
I, [2020-12-04T06:06:44.481563 #10006] INFO -- : Parameters: {"utf8"=>"✓", "authenticity_token"=>"xxxxx", "user"=>{"email"=>"test@test.com", "password"=>"[FILTERED]", "remember_me"=>"1"}}
|
|
54
54
|
|
|
55
55
|
W, [2020-12-04T06:06:44.494312 #10006] WARN -- : Can't verify CSRF token authenticity.
|
|
56
56
|
|
1
追記
test
CHANGED
|
File without changes
|
test
CHANGED
|
@@ -214,6 +214,18 @@
|
|
|
214
214
|
|
|
215
215
|
|
|
216
216
|
|
|
217
|
+
### 該当のソースコード
|
|
218
|
+
|
|
219
|
+
|
|
220
|
+
|
|
221
|
+
CSRF に関係する部分はとくに明示的に何かかいてるわけではなく
|
|
222
|
+
|
|
223
|
+
Rails がかってに埋め込んだり処理してくれてると思うんですが
|
|
224
|
+
|
|
225
|
+
原因特定に必要なソースがあれば提示します
|
|
226
|
+
|
|
227
|
+
|
|
228
|
+
|
|
217
229
|
### 試したこと
|
|
218
230
|
|
|
219
231
|
|