My rails app display the authenticity token in the browser url, when i click on send in my contact form, how do i make it not shown??
here is it => http://localhost:3000/contacts/new?utf8=✓&authenticity_token=JidgUrJ2OXU%2Fy482tx8%2Bua0ZhqRwHSkXme9
Rails 5.1
ruby 2.3
routes.rb
Rails.application.routes.draw do resources :homepage root ‘homepage#index’
resources :contacts, only: [:new, :create]
end
Contacts controller
contacts.rb
class ContactsController < ApplicationController def new @contact = Contact.new end
def create
@contact = Contact.new(params[:contact])
@contact.request = request
if @contact.deliver
flash.now[:error] = nil
else
flash.now[:error] = "Error, couldn't send Message."
render :new
end
end
end