InvalidAuthenticityToken with Lightview


I'm integrating Lightview,, into an application.
It's more or less a content overlay similar to a light box, which then
calls the content either through an IFRAME or Ajax request. The IFRAME
works fine but for obvious reasons, I'd prefer to use Ajax but whenever
I use that option, I get the dreaded InvalidAuthenticityToken error.

Do any ideas come to mind?

Add this in the section of your main layout file:

<script type="text/javascript" charset="utf-8">

    window._token = '<%= form_authenticity_token -%>';


Add this on top of your /javascripts/application.js file:

Ajax.Base.prototype.initialize = Ajax.Base.prototype.initialize.wrap(

function(p, options){


this.options.parameters = this.options.parameters || {};

this.options.parameters.authenticity_token = window._token || '';



Presto! All ajax requests that are called from your own javascript code will have the authenticity string added to the parameters.

Best regards

Peter De Berdt