Ask A Question


You’re not receiving notifications from this thread.

why there is no crsf token when i use remote true with data type as "script" ? How this is different from ajax?

naveen kumar asked in Rails

<%= select_tag "event[#{inquiry.slug}]", options_for_select([ "PENDING", "CONFIRMED" ], inquiry.status), :data => {url: update_status_vendor_inquiry_path(inquiry),method: "put", type: "script", remote: true} %>


Hey Naveen,

In this case, it looks like you created a select without a matching form tag. The CSRF token actually gets generated by the form_tag and form_for helpers so if you just wrap your select with form_tag, you'll be fine. You can then move your URL, method, and remote options to the form_tag and have that all organized nicely and that should fix your issue.

The problem you saw was that, while you can try to put the remote: true options on a select tag directly, it isn't going to generate the CSRF token to send along with.

Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 79,047+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

    © 2023 GoRails, LLC. All rights reserved.