I'm creating a Rails app to interact with an iOS app. All of my requests are passing/expecting JSON, so I'm experiencing CSRF problems when posting. I can turn off protect_from_forgery (not ideal) but I don't want to do so on a per controller basis because I'm using devise, and I'd have to subclass each controller. Is there a way to turn it off for the entire app or what's a better approach?
I don't know if it works but i would have tried this
class ApplicationController < ActionController::Base
skip_before_filter :verify_authenticity_token
end