Use `form_tag` instead of `<form>`

This commit is in response to the previous error:

Error:
UserSharesAMessageTest#test_visiting_the_index:
DRb::DRbRemoteError: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken)

This commit replaces the hard-coded <form> element with a call to Rails’ form_tag view helper.

The form_tag helper’s interface closely resembles how a <form> element is declared. Its first argument is the path or URL to submit the <form> to (which is otherwise represented as the action attribute). Otherwise, the rest of the options that form_tag accepts correspond to attribute on the generated <form> element.

Most importantly, by using the form_tag and passing our <label>, <textarea> and <button> elements into the form_tag invocation’s block, we guarantee that the <form> element is generated with an <input type="hidden" name="authenticity_token" value="..."> element to integrate with Rails’ CSRF protection.

When we run the test again, it passes:


Capybara starting Puma...
* Version 3.12.1 , codename: Llamas in Pajamas
* Min threads: 0, max threads: 4
* Listening on tcp://127.0.0.1:55494
.

Finished in 4.141942s, 0.2414 runs/s, 0.2414 assertions/s.
1 runs, 1 assertions, 0 failures, 0 errors, 0 skips


      app/views/notes/new.html.erb

diff --git a/app/views/notes/new.html.erb b/app/views/notes/new.html.erb
index 10ebc3d..8c45414 100644
--- a/app/views/notes/new.html.erb
+++ b/app/views/notes/new.html.erb
@@ -1,6 +1,6 @@
-<form action="/notes" method="post">
+<%= form_tag "/notes", method: :post do %>
   <label for="content">Message</label>
   <textarea id="content" name="content"></textarea>
 
   <button>Share</button>
-</form>
+<% end %>

Use form_tag instead of <form>

Use `form_tag` instead of `<form>`