Hi All - I have a form_for that I''m trying to convert to remote_form_for, and I keep get this error: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken): /usr/lib/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/request_forgery_protection.rb:86:in `verify_authenticity_token'' /usr/lib/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in `send'' /usr/lib/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in `evaluate_method'' /usr/lib/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:166:in `call'' /usr/lib/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:225:in `call''.... My form works fine without the ajax call: <% form_for :vendor do |f| -%> <td><%= f.text_field :name, :size => 15 %></td> <td><%= f.text_field :location, :size => 15 %></td> <td><%= f.submit ''save'' %></td> <% end -%> -- partial : <% @vendor = vendor %> <tr id="vendor_<%= vendor.id %>"> <td><%= vendor.name %></td> <td><%= vendor.location %></td> </tr> -- controller : def create @vendor = Vendor.new(params[:vendor]) if @vendor.save respond_to do |format| flash[:notice] = "New vendor #{@vendor.name} was saved!" format.html { redirect_to vendors_path } format.js end end end -- rjs : page.replace_html ''flasher'', flash[:notice] unless flash[:notice].blank? page.insert_html :after, ''vendors_title'', :partial => ''vendor'', :object => Vendor.find(:all, :order => ''name'') I tried adding sessions to my app with rake db:sessions:create and rake db:migrate, and I also enabled the :secret in my application.rb... Please help :) -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Shilo Ayalon
2009-Jan-19 06:56 UTC
Re: InvalidAuthenticityToken error with remote_form_for
I tried using submit_to_remote (or link_to_remote) to submit the form_for and it worked: <% form_for :vendor do |f| -%> <%= f.text_field :name, :size => 15 %> <%= f.text_field :location, :size => 15 %> <%# f.submit ''save'' %> <%= link_to_remote ''save'', :url => { :action => ''create'', :id => @vendor } %> <% end -%> and in the controller: def create @vendor = Vendor.new(params[:vendor]) if @vendor.save respond_to do |format| format.html { redirect_to vendors_path } format.js end end end Of course, I have a create.js.rjs template to handle the ajax events on the page. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
If nobody answered this yet, the reason it''s not working is that your link doesn''t serialize the authenticity_token field. Just put: <%= link_to_remote ''save'', :url => { :action => ''create'', :id => @vendor }, :with => ''authenticity_token'' %> and that should get you on the right path. HTH On Jan 18, 2009, at 10:56 PM, Shilo Ayalon wrote:> > I tried using submit_to_remote (or link_to_remote) to submit the > form_for and it worked: > > <% form_for :vendor do |f| -%> > <%= f.text_field :name, :size => 15 %> > <%= f.text_field :location, :size => 15 %> > <%# f.submit ''save'' %> > <%= link_to_remote ''save'', > :url => { :action => ''create'', :id => @vendor } %> > <% end -%> > > and in the controller: > > def create > @vendor = Vendor.new(params[:vendor]) > if @vendor.save > respond_to do |format| > format.html { redirect_to vendors_path } > format.js > end > end > end > > Of course, I have a create.js.rjs template to handle the ajax events > on > the page. > -- > Posted via http://www.ruby-forum.com/. > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Maybe Matching Threads
- using pagination to group pages by attribute value
- degrading ajax calls - how?
- Rails - Devise - Warden and InvalidAuthenticityToken
- InvalidAuthenticityToken when user adds application through facebook registration
- REST Web Service ActionController::InvalidAuthenticityToken