AuthenticityToken Missmatch on CRUD after Port Forwarding

[kwhandy]

I am encountering forgery protection issue when I try to do regular CRUD operations that connected to postgres like normal, so everytime I did POST action, the console throws message below:

ActionController::InvalidAuthenticityToken (HTTP Origin header (http://localhost:3000) didn't match request.base_url (https://{space-name}-{space-id}-3000.app.github.dev)

So far, this answer (22965) can solve the problem, which suggest to add:

config.action_controller.forgery_protection_origin_check = false

to development.rb, or put

skip_forgery_protection

on application_controller.rb

I still feel uncomfortable with this approach since I can't do the rails standards, I've been doing this just fine in another IDE like Gitpod or AWS Cloud9, but it's just different here. I'm trying figuring out on the VM level try to modify nginx config until I realize that codespaces service might run inside a container LOL. I still think that this because I'm not sure how port forwarding works in this service, but if that's the reason, why I can still access the app only with GET requests?

Some help/ guidance from official team would be nice!

cc @joshaber @samruddhikhandale @bdmac

[kwhandy]

I got answer from some YT account(@/webappdevelopment): the another way to be able doing CRUD ops within Codespaces is using Codespaces itself inside VS Code Desktop - NOT via Codespaces browser instead

But this still not enough for me because I need to access it via browser, so I still open this discussion 'til found the right answer