Turn off CSRF token in rails 3
Solution 1:
In the controller where you want to disable CSRF the check:
skip_before_action :verify_authenticity_token
Or to disable it for everything except a few methods:
skip_before_action :verify_authenticity_token, :except => [:update, :create]
Or to disable only specified methods:
skip_before_action :verify_authenticity_token, :only => [:custom_auth, :update]
More info: RoR Request Forgery Protection
Solution 2:
In Rails3 you can disable the csrf token in your controller for particular methods:
protect_from_forgery :except => :create