如何忽略Rails中特定操作的真实性标记?

当我有一个特定的操作,我不想检查真实性标记,我怎么告诉Rails跳过检查呢?

对于个人行为,你可以做:

protect_from_forgery :only => [:update, :delete, :create] #or protect_from_forgery :except => [:update, :delete, :create] 

对于整个控制器,你可以这样做:

 skip_before_action :verify_authenticity_token 

而Rails 3.x要求:

 skip_before_filter :verify_authenticity_token 

Rails4中,你可以使用skip_before_actionexceptonly使用skip_before_action

 class UsersController < ApplicationController skip_before_action :verify_authenticity_token, only: [:create] skip_before_action :some_custom_action, except: [:new] def new # code end def create # code end protected def some_custom_action # code end end