最近在用rails设计一个网站的API,觉得需要注意的两个地方:
1. 注意在ActionController里设置:
protect_from_forgery :except => :your_action
允许公开的非Get方式的请求
2. 注意在config/routes.rb里设置好相关的路由,尤其是Post或者Get的方式:
map.connect 'controller/action', :conditions => {:method => :post}, :controller => "controller", :action => "action"
map.connect 'controller/action', :conditions => {:method => :get}, :controller => "controller", :action => "action"
Ruby发送http request的小结:
1. Ruby 以Get方式发送http request:
def get_http(host, path, port, query)
return Net::HTTP.get(host, "#{path}?".concat(query.collect { |k,v| "#{k}=#{CGI::escape(v.to_s)}" }.reverse.join('&')), port) if not query.nil?
return Net::HTTP.get(host, path, port)
end
def get(uri)
url = URI.parse(uri)
host = url.host
path = url.path
port = url.port
query = url.query
get_http(host, path, port, query)
end
get("http://localhost:3000/controller/action?sign=a98689zhxnxyi")
2. Ruby 以Post方式发送http request:
def post(uri, params)
url = URI.parse(uri)
Net::HTTP.start(url.host, url.port) do |http|
res = Net::HTTP::post_form(url, params)
puts res.body
end
end
post("http://localhost:3000/controller/action", { 'sign' => 'zzbxxwz89y6n'})