Rails form with multiple submit actions has invalid auth token (CSRF error)
22:11 26 Jan 2022

I have a rails form:

<%= form_with(model: activity, method: 'POST', url: retry_failed_post_path, class: 'px-4', data: { turbo: false }) do |form| %>
  

    <%= form.hidden_field :id, value: activity.id %>
    <%= form.labeled_text_field :response, name: '', readonly: true, label: 'Response from...', value: 'Invalid or expired token' %>

    <% token_tag %>
    

      <%= form.submit 'Retry', class: 'btn btn-primary' %>
      <%= form.submit 'Remove from Queue', class: 'btn btn-primary btn-outline', formaction: remove_failed_post_path %>
      

        <%= iconhelper :info, size: '8' %>
      

    

  

<% end %>

Resulting in the following HTML:

When using the first submit button my form submits fine, with no problems. However, when I submit using the second submit button (using the formation override) I receive an invalid auth token error. Can someone help explain why and how to fix it?

[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] ActionController::InvalidAuthenticityToken excluded from capture: DSN not set
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f]   
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f]   
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] actionpack (6.1.4) lib/action_controller/metal/request_forgery_protection.rb:211:in `handle_unverified_request'
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] actionpack (6.1.4) lib/action_controller/metal/request_forgery_protection.rb:243:in `handle_unverified_request'
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] actionpack (6.1.4) lib/action_controller/metal/request_forgery_protection.rb:238:in `verify_authenticity_token'
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] activesupport (6.1.4) lib/active_support/callbacks.rb:427:in `block in make_lambda'
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] activesupport (6.1.4) lib/active_support/callbacks.rb:198:in `block (2 levels) in halting'
[0ba3ef85-2fa4-474d-82d2-f3f03fc8046f] actionpack (6.1.4) lib/abstract_controller/callbacks.rb:34:in `block (2 levels) in '
html ruby-on-rails csrf csrf-token