Reputation: 2236
I'm getting a this error message: Can't verify CSRF token authenticity
Although when I look in the log I can see that the client did send the token to the server.
I, [2015-05-31T16:40:28.832719 #30768] INFO -- : Parameters: {"utf8"=>"✓", "authenticity_token"=>"E1GjDUm3LomswskJKg72HjJz7fQ5BOWceGwAauq5B48=", "company"=>{"work_time_start"=>"8", "work_time_end"=>"18", "time_rounding"=>"15", "weekends"=>"6,0", "overlap"=>"1", "week_start"=>"1", "currency"=>"USD", "number_format"=>"12,345.00", "date_format"=>"MM/DD/YYYY", "time_format"=>"12-hour (06:00 PM)"}, "commit"=>"Save"}
W, [2015-05-31T16:40:28.833604 #30768] WARN -- : Can't verify CSRF token authenticity
I, [2015-05-31T16:40:28.837829 #30768] INFO -- : Completed 422 Unprocessable Entity in 5ms (ActiveRecord: 0.0ms)
When I look at the HTML that was sent to the client I see the exact same token:
In the simple form part:
<input name="authenticity_token" type="hidden" value="E1GjDUm3LomswskJKg72HjJz7fQ5BOWceGwAauq5B48=" />
And also in meta data:
<meta content="authenticity_token" name="csrf-param" />
<meta content="E1GjDUm3LomswskJKg72HjJz7fQ5BOWceGwAauq5B48=" name="csrf-token" />
Why is the server refusing the token?
Edit: I already have <%= csrf_meta_tag %> in my layout. As you can see above, the token is also being send with the post request, so the token is present in the client AND send with the request. It is also the same token that was sent by the server (see second part of my explanation).
Edit2: More info: tried this in Firefox and there it works. After that I tried with an in-private session in IE, and there it works too. So there seems to be a cookie that's blocking something.
Upvotes: 3
Views: 1239
Reputation: 21
In my case it was a forgotten rake assets:precompile
on the production server. Everything was working well in development, just not in production. Since in this specific case, I was not using the asset pipeline, I missed precompiling application.js that caused problems with turbo-links of course.
Upvotes: 1
Reputation: 114
I know this sounds pathetic, but after a solid hour struggling with this I restarted my computer and everything is now working perfectly ¯_(ツ)_/¯.
Upvotes: 0