Rails simple form gives an InvalidAuthenticityToken error
I have a simple form:
<form name="serachForm" method="post" action="/home/search">
<input type="text" name="searchText" size="15" value="">
<input class="image" name="searchsubmit" value="Busca" src="/images/btn_go_search.gif" align="top" border="0" height="17" type="image" width="29">
</form>
And the controller using this method:
def busca
puts params[:searchText]
end
When I click the image button on the form, I get an ActionController :: InvalidAuthenticityToken. here's the full stacktrace:
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/request_forgery_protection.rb:86:in
verify_authenticity_token' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:insend "/Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support /callbacks.rb:178:inevaluate_method' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:166:inCall "/ Library / Ruby / Gems / 1.8 / gems / actionpack-2.2.2 / lib / action_controller / filters.rb: 225: incall' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:inrun_before_filters' / Library / Ruby / Gems / 1.8 / gems /actionpack-2.2.2/lib/action_controller/filters.rb:615:incall_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:610:inperform_action_without_benchmark "/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:inperform_action_without_rescue' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:inperform_action_without_rescue" / Library / Ruby / Gems / 1.8 / gems / actionpack-2.2.2 / lib / action_controller / rescue.rb: 136: inperform_action_without_caching' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/caching/sql_cache.rb:13:inperform_action "/Library/Ruby/Gems/1.8/gems/activerecord-2.2.2/lib/active_record/connection_adapters/abstract/query_cache.rb:34:incache' /Library/Ruby/Gems/1.8/gems/activerecord-2.2.2/lib/active_record/query_cache.rb:8:incache" / Library / Ruby / Gems / 1.8 / gems / actionpack-2.2 .2 / lib / action_controller / caching / sql_cache.rb: 12: inperform_action' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:524:insend to '/ Library / Ruby / Gems / 1.8 / gems / actionpack-2.2.2 / lib / action_controller / base.rb: 524: inprocess_without_filters' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:inprocess_without_session_management_support "/ Library /Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/session_management.rb:134:inprocess' /Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:392:inprocess / Library / Ruby / Gems / 1.8 / gems / rails-2.2.2 / lib / webrick_server.rb: 74: inservice' /Library/Ruby/Gems/1.8/gems/rails-2.2.2/lib/commands/servers/webrick.rb:66 /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:inrequires "/ Library / Ruby / Gems / 1.8 / gems / activesupport-2.2.2 / lib / active_support / dependencies.rb: 521: innew_constants_in' /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:inrequires" / Library / Ruby / Gems / 1.8 / gems / rails-2.2. 2 / lib / commands / server.rb: 49
What's happening?
Using an auxiliary form element, as others suggested above, will work.
Since this is a search form, the method really needs to be "get". In general, you should use "get" if something in the database does not change.
Using the = 'get' method for search forms is also a convenient bookmark / back button.