What's your particular need for action caching on this particular action?<br><br>Could you not fragment cache anything difficult,<br>and keep the form fresh?<br><br><div class="gmail_quote">2009/7/23 Taryn East <span dir="ltr"><<a href="mailto:teast@globalpersonals.co.uk">teast@globalpersonals.co.uk</a>></span><br>

<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi all,<br><br>I'm running up against the "page/action cacheing vs forgery-protection" issue described in various places eg here: <a href="http://mandarinsoda.com/2008/01/29/stupid-rails-mistakes-caching-and-authenticity-tokens/" target="_blank">http://mandarinsoda.com/2008/01/29/stupid-rails-mistakes-caching-and-authenticity-tokens/</a><br>



<br>Now - all the "solutions" that seem to be available say "turn off
forgery protection"... but surely that isn't the only option out
there. It seems so drastic (and dangerous).<br><br>Is there no way to render a form without the authenticity token? No other ideas?<br>
<br>Any ideas welcome :)<br><br>Cheers,<br><font color="#888888"><font color="#888888">Taryn<br></font>
</font><br>_______________________________________________<br>
Chat mailing list<br>
<a href="mailto:Chat@lists.lrug.org">Chat@lists.lrug.org</a><br>
<a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" target="_blank">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a><br>
<br></blockquote></div><br>