Home>

I'm starting to study Rails 6. "What was made in Rails 2 and replaced in Rails 4" is replaced in Rails 6.
Since it works for development in local, it is played when I put it on AWS Linux 2.
All POSTs are FATAL with ActionController :: InvalidAuthenticityToken.
so,
No response is returned to the browser.
No Render in production.log.

Of course

  1. There is<% = csrf_meta_tags%>.
  2. in logParameters: {"authenticity_token" =>"reIhNlVOg0.there is.

Please advise which area to look for.

I will post the log at login.

I, Started POST "/ users/sign_in" for 127.0.0.1 at 2020-12-07 11:29:58 +0000
I, INFO-: Processing by Devise :: SessionsController # create as HTML
I, INFO-: Parameters: {"authenticity_token" =>"ACxsQZ .... ZC8Wg ==", "user" =>{"username" =>"dezawa", "password" =>"[FILTERED]" , "remember_me" =>"0"}, "com
mit "=>" Log in "}
W, HTTP Origin header (http://www.example.com) didn't match request.base_url (http://www)
I, INFO-: Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms | Allocations: 357)
F, FATAL-: ActionController :: InvalidAuthenticityToken (ActionController :: InvalidAuthenticityToken):


I'm a little worried about W on the third line from the bottom. nginx upstream is showing up r ...

  • Answer # 1

    I just checked, but have the following been set?

    class Api :: TasksController


    Reference https://qiita.com/_ayk_study/items/88269643c675fd4ca975