I'm building a Flex 4 + Rails 2.3.5 application. First I was using XML to pass date through and I used to get an error complaining about Authenticity Token which I passed manually then to get through the error.
After that I re-factored my code to use RubyAmf which seems to be working but I didn't pass in the authenticity_token at first but I noticed that Rails didn't complain and the request went through. My app still have protect_from_forgery uncommented.
Does RubyAmf bypass that somehow?
Thanks,
Tam
Ruby AMF directly calls controller actions and returns the results after serializing to AMF. This is opposed to how a standard HTTP request works which goes through the router first.