Ask A Question


You’re not receiving notifications from this thread.

why there is no crsf token when i use remote true with data type as "script" ? How this is different from ajax?

naveen kumar asked in Rails

<%= select_tag "event[#{inquiry.slug}]", options_for_select([ "PENDING", "CONFIRMED" ], inquiry.status), :data => {url: update_status_vendor_inquiry_path(inquiry),method: "put", type: "script", remote: true} %>


Hey Naveen,

In this case, it looks like you created a select without a matching form tag. The CSRF token actually gets generated by the form_tag and form_for helpers so if you just wrap your select with form_tag, you'll be fine. You can then move your URL, method, and remote options to the form_tag and have that all organized nicely and that should fix your issue.

The problem you saw was that, while you can try to put the remote: true options on a select tag directly, it isn't going to generate the CSRF token to send along with.

Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 82,969+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.