How to allow a form to be submitted without CSRF protection

Continuing the discussion from Generating a login email via API:

But that’s what I wanted to do, but then I searched the source for verify_authenticity_token and figured out that I could use

    skip_before_action :check_xhr, :preload_json, :verify_authenticity_token

to be able to have my plugin accept a post!

1 Like