I have a controller where I have a custom action (not part of the RESTful set) to create an association object.
The authenticity_token is not added to the form, I assume this is because the action is not part of the RESTful set?
How would I add authenticity_token when it's not automatically added?
Add
<%= hidden_field_tag "authenticity_token", form_authenticity_token %>
to your form.
You could make a helper for this:
def authenticity_token_tag
hidden_field_tag "authenticity_token", form_authenticity_token
end
then in your form you can just say
<%= authenticity_token_tag %>