CSRF token error occurs when using turbolinks with ruby on rails

Question

A CSRF token error (Can't verify CSRF token authenticity.) will occur if Post transmission is performed on the transition page using turbolinks.

But, when reloading the page, no error occurs.

How can I solve it?

---

Mr.Mark

Thank you for answering.

Is it due to the fact that the csrf-token of the header is different from the csrf-token of the form?

Why is csrf-token different when using turbolink?

I solved it in the following way, but what do you think?

$(document).on('turbolinks:load', function() {
  token = $("meta[name='csrf-token']").attr("content"); 
  $("input[name='authenticity_token']").val(token)
});

Answer 1

I know this is a year old question but this might help someone in need.

The problem here is the csrf-token in meta tag is different from authenticity_token in the form. I believe turbolinks could be the culprit here.

The solution that worked for me is:

$(document).on('turbolinks:load', function(){ $.rails.refreshCSRFTokens(); });

You will need rails-ujs or jquery-ujs included with your app. If you're on Rails 6, I believe you already have rails-ujs by default.