My rails app display the authenticity token in the browser url

Bottles · March 21, 2019, 2:04pm

My rails app display the authenticity token in the browser url, when i click on send in my contact form, how do i make it not shown??

here is it => http://localhost:3000/contacts/new?utf8=✓&authenticity_token=JidgUrJ2OXU%2Fy482tx8%2Bua0ZhqRwHSkXme9

Rails 5.1

ruby 2.3

routes.rb

Rails.application.routes.draw do resources :homepage root ‘homepage#index’

resources :contacts, only: [:new, :create]

end

Contacts controller

contacts.rb

class ContactsController < ApplicationController def new @contact = Contact.new end

def create
    @contact = Contact.new(params[:contact])
    @contact.request = request
    if @contact.deliver
        flash.now[:error] = nil
    else
        flash.now[:error] = "Error, couldn't send Message."
        render :new
        end
end

end

RobZolkos · March 21, 2019, 7:32pm

Looks like you are not redirecting the user to another page when the contact info has been sent.

Do you want to redirect them to the home (or another) page and show a “Your message has been sent” alert?

replace flash.now[:error] = nil with redirect_to root_path, notice: ‘Your message has been sent!’

Bottles · March 26, 2019, 10:26am

Thanks guys, for your help.But i seems to fix the problem anyway. didn’t know why, i wraped the contact#new in a html form element. I removed it and it worked