在environment.rb中配置config.action_controller.session_store = :active_record_store后重启服务器提示以下错误：

Showing store/index.html.erb where line #8 raised:

No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store).

Extracted source (around line #8):

5:     <h3><%= h(product.title) %></h3>
6:     <%= product.description %><br/>
7:     <span class="price" ><%= number_to_currency(product.price) %></span>
8:     <%= button_to "Add to Cart",:action=>:add_to_cart,:id=> product %>
9:     </div>
10:     <% end %>



RAILS_ROOT: D:/Project/depot

Application Trace | Framework Trace | Full Trace
D:/ruby/lib/ruby/gems/1.8/gems/actionpack-2.1.0/lib/action_controller/request_forgery_protection.rb:115:in `form_authenticity_token'
(eval):2:in `send'
(eval):2:in `form_authenticity_token'
app/views/store/index.html.erb:8:in `_run_erb_47app47views47store47index46html46erb'
app/views/store/index.html.erb:2:in `each'
app/views/store/index.html.erb:2:in `_run_erb_47app47views47store47index46html46erb'

请教

protect_from_forgery 2.0后的rails中提供了这个东西以供保护form,你要在config中打开这功能,并在application中设置密钥
No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store
翻译一下就知道了.

把ApplicationController那句
protect_from_forgery ＃:secret => 'xxxxxxxxxxx‘
改为
protect_from_forgery :secret => 'xxxxxxxxxxx‘
试试