"the change you want was rejected. Maybe you changed something you didn't have access to.""

Anyone ever get an error message such as this?

“the change you want was rejected. Maybe you changed something you
didn’t have access to.”"

I haven’t been able to see this in testing, but I’m getting reports
out on the field from a few users trying to register to one of my
websites.

-S

This also happens to be the error page that’s shown when there’s an
AuthenticityToken error. I’d double-check your settings for
protect_from_forgery.

Also note that certain very elderly browsers (IE 5 Mac, for one)
aren’t able to successfully accept a Rails session cookie (as of 2.2,
anyways) and will fail.

–Matt J.

If it only happens sporadically for some users it’s probably caused by
an ActionController::InvalidAuthenticityToken which again is caused by
disabled cookies in the users browser.

You can handle these errors by adding this to your application
controller:

rescue_from ActionController::InvalidAuthenticityToken, :with =>
:handle_token_issues

def handle_token_issues
redirect_to(somewhere) #redirect to page for handling this issue
end

If this were a problem caused by wrong protect_from_forgery settings I
think it would also show up in development.

salamander wrote:

Thanks for the tip! I’ve learned that a couple of users with this
issue were using Internet Explorer 8 for Windows without restrictions
on handling cookies. Am using rails 2.3.4, and authlogic.

I’m also having the same issue. It seems very random, but is tied to
IE8. I did do some additional testing, and I do think it’s with cookies
not being set. When going into IE8 privacy settings and bumping it up
to “High” I am able to get that error. However, I think I’m also
getting the same issue when it’s set to “Normal”. Still doing some
testing and I’ll post back if I find anything else.

Thanks for the tip! I’ve learned that a couple of users with this
issue were using Internet Explorer 8 for Windows without restrictions
on handling cookies. Am using rails 2.3.4, and authlogic.