ActionController::InvalidAuthenticityToken & :before


#1

I have a form that submits search criteria and while it is processing I
wanted to use a js function to indicate:

<% form_remote_tag :update => ‘mainbody’, :url => {:action => ‘search’},
:before => “wait_message(‘mainbody’,‘S E A R C H I N G’)” do%>

wait_message() executes but then when the data comes back, I get

ActionController::InvalidAuthenticityToken in DocdirController#search

Everything works fine without the :before => callback. How should I do
this?


#2

Here are more details from that error:

Processing DocdirController#search (for 127.0.0.1 at 2009-06-04
11:34:39) [POST]

ActionController::InvalidAuthenticityToken
(ActionController::InvalidAuthenticityToken):
internal:prelude:8:in synchronize' /usr/local/lib/ruby/1.9.1/webrick/httpserver.rb:111:inservice’
/usr/local/lib/ruby/1.9.1/webrick/httpserver.rb:70:in run' /usr/local/lib/ruby/1.9.1/webrick/server.rb:183:inblock in
start_thread’


#3

I suppose it was not a good idea to replace the form with “removeChild”
:before the form is submitted…


#4

In your controller add
skip_before_filter :verify_authenticity_token

Hope this will help !

Sandip R~


Ruby on Rails Developer
http://sandip.sosblog.com
http://funonrails.wordpress.com
www.joshsoftware.com


#5

Sandip R. wrote:

In your controller add
skip_before_filter :verify_authenticity_token

Hope this will help !

Thanks for that tidbit, but the problem was that the wait_message()
function destroyed the content of the div with the form in it and
replaced it with the message, S E A R C H I N G

Of course, the form is not yet submitted and it contained the auth token
in a hidden field! So the more is: don’t destroy the form in your
:before callback.