submit form with file upload + cross domain

[saravanan p]

I am trying to submit a form in rails 4 with File upload(using paperclip) to an another domain using Ajax with dataType 'jsonp' ( I tried both ajax and ajaxForm ).

// .js

$(".form").ajaxSubmit({

      type: $(".form").attr("method"),

      dataType: "jsonp",

      url: $(".form").attr("action"),

      data: $(".form").serialize(),

      success: function(data) {

        console.log('respone');

        console.log(data);

      }

    }); 

I am getting the following error message.

Can't verify CSRF token authenticity

Completed 422 Unprocessable Entity in 26ms

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):

I can save data when i am not attach any file. 

I got one solution, 

skip_before_filter :verify_authenticity_token  

I can save data by skipping verify authentication token. But I think this is not a secure way.

Can any one know a secure way? any suggestion please!

Note: I am getting all the params values in the destination domain.

[saravanan p]

File upload + Cross domain + Response

Is there anyway to upload file from one domain to another domain.

i used ajax post method to submit the form but i am not getting response value. 

please suggest someway to solve this problem.

Thanks in advance! 

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com.
To post to this group, send email to rubyonra...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/f448292b-aa47-4412-9ecf-19de71947764%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Walter Lee Davis]

Only if you configure CORS, which usually means you have control over both servers. Do you?

Walter

> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAOxyzk0Fx39RR%2B%2BbVSSrL-yh5d3xXbtkWsM1HtL0fOJUvN-K-w%40mail.gmail.com.

[Walter Lee Davis]

Now you can "fake" an Ajax file upload with a hidden iframe, that's been popular since forever. It is a pain in the ass to get the response from the server to refresh the actual page, though.

Walter

On Jan 6, 2014, at 1:17 AM, saravanan p wrote:

> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAOxyzk0Fx39RR%2B%2BbVSSrL-yh5d3xXbtkWsM1HtL0fOJUvN-K-w%40mail.gmail.com.