req.body returning "Forbidden"

Question

In my node.js express app I'm submitting a form, to an action on a controller. All this controller does is:

send(req.body)

(I'm using RailwayJS (but that's not all that important to this question I don't think) I'm doing this is to get the values in the form

However, it comes back as 'Forbidden'

If I restart node, and refresh the page (confirming i want to post back) then I get the desired result...

Any idea how to get the values of the form without restarting?

Anatoliy · Accepted Answer · 2012-04-05T16:15:58.260

1

I think this is related to 'protect from forgery' beforeFilter. Do you pass authencity_token to your post?

Possible solution: skipBeforeFiler('protect from forgery'); -- it disables CSRF protection Better solution: use form_for helper, or pass authencity_token manually. Check apidocs to learn more about CSRF protection: http://jsdoc.info/1602/express-on-railway/helpers.html#instance/csrf_tag

edited Apr 05 '12 at 16:15

answered Apr 05 '12 at 14:53

Anatoliy

29,485
5
46
45

req.body returning "Forbidden"

1 Answers1