303's revisited on InvalidAuthenticityToken - would be nice to see in the docs

[wdiechmann]

(didn't think it appropriate to post here hence this issue)

this is probably a 'quick to close' issue -

in the backend I use

  rescue_from ActionController::InvalidAuthenticityToken, with: :redirect_to_login

but so far I've had difficulty finding the "salt to rub" on the client - until I stumbled on the abovementioned and transposed into this:

#/views/layouts/application.html.erb
<body data-controller="body"><%= yield %></body>

#/javascripts/controllers/body.js
  connect() {
    super.connect()
    document.documentElement.addEventListener("turbo:before-fetch-response", function (e){
      if ( e.detail.fetchResponse.response.redirected==true && /login$/.test(e.detail.fetchResponse.response.url) )
        window.location.href=e.detail.fetchResponse.response.url
    })
  }
  

I'm aware of this mention but when a "link_to" like this

<%= link_to 'edit', 
    edit_post_url(@post), 
    data: { action: "click->body#openModal", 'turbo-action': 'advance', 'turbo-frame': 'modal' } %>

gets rescued like above and the "destination" is a modal I've not been able connect the dots - until now, that is 😉

Perhaps I'm entirely barking up the wrong tree (and I'm very aware of my lack of Ruby/JS-fu) - then throw this in the "byte-cinerator" or even better: tell me I'm wrong and perhaps even a link to the proper implementation for the win - but if it has merit then perhaps a brief mention in the docs might help the next "dawg" 😃