ActionController::InvalidAuthenticityToken in Rails 5

Question

I'm getting ActionController::InvalidAuthenticityToken in rails 5. It was working correctly for a while, and then just gave up working.

# Application Controller
class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
end

I'm using the rails form helper, and passing in a form object

# price_history/new.html.erb
<%= form_for @price_history_form, url: 'price_history' do |f| %>
  ...
<% end %>

I can see the authenticity token being generated in the html, and passed into the controller..

class PriceHistoriesController < ApplicationController

I'm at a loss as to why this is happening. Any thoughts?

Answer 1

An easy fix without the need of disabling Turbolinks with the Rails native UJS implementation:

$(document).on('turbolinks:load', function() {
    Rails.refreshCSRFTokens();
});