
I have (probably) a simple problem that I can't seem to wrap my head around.

I have a simple form to edit a tenant object in my Rails application. It works as expected.

However, when I add the `<%= f.file_field :logo %>` line into my form, I get the `Can't verify CSRF token authenticity.` error.

My question: Why does adding the `file_field` result in this CSRF error?

The form in question:

```erb
....
<%= form_for(tenant, html: { id: "your_form_id", multipart: true, remote: true }) do |f| %>
  <%= render 'errors/form_errors', object: @tenant %>

  <div id="login-form">
    <div class="field">
      <%= f.text_field :name, placeholder: "name" %>
    </div>
    <br>
    <div class="field">
      <%= f.email_field :email, placeholder: "email" %>
    </div>
    <br>
    <div class="field">
      <%= f.phone_field :phone, id: "phoneNumber", placeholder: "(XXX) XXX-XXXX", onkeypress: "return numberPressed(event);" %>
    </div>
    <br>

    <div class="field">
      <%# WORKS FINE WITHOUT THIS FIELD! %>
      <%= f.file_field :logo %>
    </div>

    <div class="actions">
      <%= f.submit id: "login-button", class: "btn-outline-primary", value: "Save", 'data-disable-with': "Wait..." %>
    </div>
  </div>

<% end %>
....
```

Additionally, here is the code that brings up the form. Not sure if it has any relevance.

This is the code in the file that brings up my form: `edit.js.erb`

```javascript
closeLightbox();
$("body").prepend('<%= escape_javascript(render 'edit', tenant: @tenant) %>');
```

EDIT: I have found a solution, although I don't really understand why it is necessary. See answer below.

Joe Bauer

Possible duplicate of [WARNING: Can't verify CSRF token authenticity rails](https://stackoverflow.com/questions/7203304/warning-cant-verify-csrf-token-authenticity-rails) – vich Nov 26 '18 at 21:37

1 Answer


I found this in another thread, and it solves my problem:

I added the following to my form:

```erb
<%= token_tag(nil) %>
```

Joe Bauer
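
Added example, not part of the original posts: a plain-Ruby model of the check behind this error. Rails by default leaves the hidden `authenticity_token` field out of `remote: true` forms and relies on the `X-CSRF-Token` header that UJS adds to XHR requests. The model assumes the jquery_ujs behaviour where a remote form with a file selected is submitted as an ordinary non-AJAX request, so no header is sent. Helper names and the simplified masking are illustrative, not Rails' own code.

```ruby
require "securerandom"

TOKEN_LEN = 32 # bytes; length Rails uses for the per-session CSRF token

def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack("C*")
end

# Each rendered token is the session token XORed with a fresh one-time pad,
# sent as base64(pad + masked). pack("m0") is strict base64.
def mask_token(real)
  pad = SecureRandom.random_bytes(TOKEN_LEN)
  [pad + xor_bytes(pad, real)].pack("m0")
end

def valid_token?(real, encoded)
  return false if encoded.nil? || encoded.empty?
  raw = encoded.unpack1("m0") # raises ArgumentError on malformed base64
  return false unless raw.bytesize == TOKEN_LEN * 2
  unmasked = xor_bytes(raw[0, TOKEN_LEN], raw[TOKEN_LEN, TOKEN_LEN])
  # Compare without an early exit so timing does not leak matching bytes.
  unmasked.bytes.zip(real.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
rescue ArgumentError
  false
end

# The request is accepted if either the form parameter or the header validates.
def verified_request?(real, params, headers)
  [params["authenticity_token"], headers["X-CSRF-Token"]].any? { |t| valid_token?(real, t) }
end

# Constructed request: `ajax` = UJS sent it via XHR (header taken from the
# csrf_meta_tags value); `hidden_field` = the form contains token_tag output.
def submit(real, ajax:, hidden_field:)
  params  = hidden_field ? { "authenticity_token" => mask_token(real) } : {}
  headers = ajax ? { "X-CSRF-Token" => mask_token(real) } : {}
  verified_request?(real, params, headers)
end

if __FILE__ == $PROGRAM_NAME
  session_token = SecureRandom.random_bytes(TOKEN_LEN) # constructed sample
  puts "remote form, no file (XHR):     #{submit(session_token, ajax: true,  hidden_field: false)}"
  puts "file chosen, plain submit:      #{submit(session_token, ajax: false, hidden_field: false)}"
  puts "file chosen, token_tag in form: #{submit(session_token, ajax: false, hidden_field: true)}"
end
```

Passing `authenticity_token: true` to `form_for`, or setting `config.action_view.embed_authenticity_token_in_remote_forms = true`, embeds the same hidden field that `token_tag` adds by hand.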