Ask A Question

Notifications

You’re not receiving notifications from this thread.

why there is no crsf token when i use remote true with data type as "script" ? How this is different from ajax?

naveen kumar asked in Rails
naveen kumar naveen kumar

<%= select_tag "event[#{inquiry.slug}]", options_for_select([ "PENDING", "CONFIRMED" ], inquiry.status), :data => {url: update_status_vendor_inquiry_path(inquiry),method: "put", type: "script", remote: true} %>

Reply
Chris Oliver Chris Oliver

Hey Naveen,

In this case, it looks like you created a select without a matching form tag. The CSRF token actually gets generated by the form_tag and form_for helpers so if you just wrap your select with form_tag, you'll be fine. You can then move your URL, method, and remote options to the form_tag and have that all organized nicely and that should fix your issue.

The problem you saw was that, while you can try to put the remote: true options on a select tag directly, it isn't going to generate the CSRF token to send along with.

Reply
Join the discussion

Want to stay up-to-date with Ruby on Rails?

Join 73,723+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more. Icons by Icons8

    Twitter GitHub

    Solutions

    Support

    Company

    Legal

    © 2023 GoRails, LLC. All rights reserved.