How to redirect with InvalidAuthenticityToken error

Question

I've discovered that the handle_unverified_request method can be overridden in the ApplicationController to rewrite how Rails handles InvalidAuthenticityToken errors. By default the handle_unverified_request will raise the InvalidAuthenticityToken error. I've overridden this method like so

def handle_unverified_request
  redirect_to '/422'
end

However, I'm using Airbrake which records errors that are raised on my Rails application. According to this answer, Rails can raise the error AND redirect the user to the 404 page. Does the same thing exist for the 422 page? I want to raise the InvalidAuthenticityToken and redirect the user to the 422 page. How do I do that?

Answer 1

ApplicationController.rb

  protect_from_forgery with: :exception

  rescue_from ActionController::InvalidAuthenticityToken, with: :rescue_422

  def handle_unverified_request
    raise(ActionController::InvalidAuthenticityToken)
  end

  def rescue_422
    redirect_to '/422'
  end

Answer 2

According to the link, you posted, Rails does not redirect the user to the 404 page, it renders 404 page instead. When InvalidAuthenticityToken error, Rails must render 422 page by default. It is done on Rack Middleware level.

If default behaviour is not what you want and you need redirect and Airbrake to log the exception, then you have to handle the exception and do the redirect AFTER! Airbrake logs it. I think that Airbrake logs exceptions on the Rake Middleware level, so you will have to somehow customize Rack Middleware's exceptions handler to get what you want. You will have to find out where Airbrake logs exceptions and make sure that your custom exceptions handler works after the logging.

Are you sure you want redirect, not render?