Home/ Questions/Q 348009
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T11:19:29+00:00

I have a simple form like this: <form name=serachForm method=post action=/home/search> <input type=text name=searchText

  • 0

I have a simple form like this:

<form name="serachForm" method="post" action="/home/search">   
  <input type="text" name="searchText" size="15" value="">
  <input class="image" name="searchsubmit" value="Busca" src="/images/btn_go_search.gif" align="top" border="0" height="17" type="image" width="29">
</form>

And a controller with this method:

  def busca
    puts params[:searchText]
  end

When I do a click on the image button in the form I get a ActionController::InvalidAuthenticityToken. here’s the full StackTrace:

/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/request_forgery_protection.rb:86:in
verify_authenticity_token'
/Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
send’
/Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in
evaluate_method'
/Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:166:in
call’
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:225:in
call'
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in
run_before_filters’
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:615:in
call_filters'
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:610:in
perform_action_without_benchmark’
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
perform_action_without_rescue'
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/benchmarking.rb:68:in
perform_action_without_rescue’
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/rescue.rb:136:in
perform_action_without_caching'
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/caching/sql_cache.rb:13:inperform_action’
/Library/Ruby/Gems/1.8/gems/activerecord-2.2.2/lib/active_record/connection_adapters/abstract/query_cache.rb:34:in
cache'
/Library/Ruby/Gems/1.8/gems/activerecord-2.2.2/lib/active_record/query_cache.rb:8:in
cache’
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/caching/sql_cache.rb:12:in perform_action'
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:524:in
send’
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:524:in
process_without_filters'
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:606:in
process_without_session_management_support’
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/session_management.rb:134:in
process'
/Library/Ruby/Gems/1.8/gems/actionpack-2.2.2/lib/action_controller/base.rb:392:in
process’
/Library/Ruby/Gems/1.8/gems/rails-2.2.2/lib/webrick_server.rb:74:in
service'
/Library/Ruby/Gems/1.8/gems/rails-2.2.2/lib/commands/servers/webrick.rb:66 /Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
require’
/Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:521:in
new_constants_in'
/Library/Ruby/Gems/1.8/gems/activesupport-2.2.2/lib/active_support/dependencies.rb:153:in
require’
/Library/Ruby/Gems/1.8/gems/rails-2.2.2/lib/commands/server.rb:49

What is happening?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    By default, all non-GET actions requires the authenticity token to be passed along with the request. Rails uses the authenticity token to avoid CSRF attacks.

    The easiest way to ensure that it is always in place, is to use the form_tag helper instead of writing the HTML by hand.

    <% form_tag "/home/search", :name => "searchForm" do %>
  fields here
<% end %>
    • 0