Wed May 23, 2018 2:30 PM

Debug InvalidAuthenticityToken in Rails 5 apps with Heroku and Cloudflare

Domain:

Debugging

Description:

works fine on naked Heroku dns

Notes:

diagnosis: previously apps with this setup worked immediately from the point DNS changes were made. Rails 5 checks base_url now in the CSRF, which causes issues when redirecting to https using default Cloudflare setup. Had to change to "Full" for the SSL

View All Logs