1

When I click "Signout" in my app, Heroku performs a GET request against the URL when it should do a DELETE request. When I click "Signout" in my local dev environment, it signs me out.

user-users-macbook-air:app user$ heroku run rake routes
           root        /                         home#show
      users GET    /users(.:format)          users#index
            POST   /users(.:format)          users#create
   new_user GET    /users/new(.:format)      users#new
  edit_user GET    /users/:id/edit(.:format) users#edit
       user GET    /users/:id(.:format)      users#show
            PUT    /users/:id(.:format)      users#update
            DELETE /users/:id(.:format)      users#destroy
   sessions POST   /sessions(.:format)       sessions#create
new_session GET    /sessions/new(.:format)   sessions#new
    session DELETE /sessions/:id(.:format)   sessions#destroy
     signup        /signup(.:format)         users#new
     signin        /signin(.:format)         sessions#new
    signout DELETE /signout(.:format)        sessions#destroy

After clicking the Signout link in my app:

user-users-macbook-air:app user$ heroku logs
2012-07-10T00:55:13+00:00 app[web.1]: Started GET "/signout" for 128.36.168.39 at 2012-07-10 00:55:13 +0000
2012-07-10T00:55:13+00:00 app[web.1]: 
2012-07-10T00:55:13+00:00 app[web.1]: ActionController::RoutingError (No route matches [GET] "/signout"):
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.6/lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/railties-3.2.6/lib/rails/rack/logger.rb:26:in `call_app'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.6/lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/railties-3.2.6/lib/rails/rack/logger.rb:16:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-1.4.1/lib/rack/methodoverride.rb:21:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-1.4.1/lib/rack/runtime.rb:17:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.6/lib/action_dispatch/middleware/request_id.rb:22:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-1.4.1/lib/rack/lock.rb:15:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.6/lib/action_dispatch/middleware/static.rb:62:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.6/lib/active_support/cache/strategy/local_cache.rb:72:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-ssl-1.3.2/lib/rack/ssl.rb:27:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-cache-1.2/lib/rack/cache/context.rb:245:in `fetch'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-cache-1.2/lib/rack/cache/context.rb:136:in `forward'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-cache-1.2/lib/rack/cache/context.rb:185:in `lookup'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-cache-1.2/lib/rack/cache/context.rb:66:in `call!'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/railties-3.2.6/lib/rails/application.rb:220:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-cache-1.2/lib/rack/cache/context.rb:51:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/railties-3.2.6/lib/rails/engine.rb:479:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-1.4.1/lib/rack/content_length.rb:14:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/railties-3.2.6/lib/rails/rack/log_tailer.rb:17:in `call'
2012-07-10T00:55:13+00:00 app[web.1]:   /usr/local/lib/ruby/1.9.1/webrick/httpserver.rb:111:in `service'
2012-07-10T00:55:13+00:00 app[web.1]:   vendor/bundle/ruby/1.9.1/gems/rack-1.4.1/lib/rack/handler/webrick.rb:59:in `service'
2012-07-10T00:55:13+00:00 app[web.1]:   /usr/local/lib/ruby/1.9.1/webrick/httpserver.rb:70:in `run'
2012-07-10T00:55:13+00:00 app[web.1]: 
2012-07-10T00:55:13+00:00 app[web.1]: 
2012-07-10T00:55:13+00:00 app[web.1]:   /usr/local/lib/ruby/1.9.1/webrick/server.rb:183:in `block in start_thread'
2012-07-10T00:55:13+00:00 heroku[router]: GET glassboard.herokuapp.com/signout dyno=web.1 queue=0 wait=0ms service=9ms status=404 bytes=728
Eric Baldwin
  • 3,341
  • 10
  • 31
  • 71

2 Answers2

1

I've seen this a number of times. It's not heroku specific -- it happens in the user's browsers.

I was using devise for my authentication package and was able to resolve this by modifying my routes to allow the user to logout by using a GET reuest instead of a DELETE.

This is a well-known issue and the option of allowing a HTTP GET to logout is generally accepted.

See: No route matches "/users/sign_out" devise rails 3

Community
  • 1
  • 1
Kevin Bedell
  • 13,254
  • 10
  • 78
  • 114
  • 1
    Also note, that there's an override in devise.rb - https://github.com/plataformatec/devise/blob/master/lib/generators/templates/devise.rb#L203 which will let you change from the default (delete) to a get. – John Beynon Jul 11 '12 at 07:39
0

No-Script will cause this behavior, if heroku is not 'allowed'. I verified that my page-source, rendered from Heroku, does specify the 'Delete' method, while the heroku logs show a 'Get' was executed, instead, when scripts were blocked.

Therefore, we need to write something into our app that signals the user ala, "Hey buddy, allow scripts to run or you cannot log-out."

The Heroku docs point to this stackoverflow-page as authoritative, so the more info here, the better.

JosephK
  • 668
  • 10
  • 18