A quick answer to a problem that’s not obvious but is easy to solve.

If users occasionally get a 422 error (usually when trying to logon) saying:
The change you wanted was rejected.
Maybe you tried to change something you didn’t have access to.

The server error is:
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken)
/public/422.html (422 Unprocessable Entity)

It’s because the user has disabled cookies! It’s up to you to catch and deal with it better.

Processing SessionsController#create (for 163.1.180.9 at 2009-07-31 14:23:25) [POST]
  Parameters: {"commit"=>"Sign in", "action"=>"create", "authenticity_token"=>"z8VBO3J6AgbgzrwAYTc/ZLAQIf6zwnATa3GfI8xTUEw=", "to"=>"", "controller"=>"sessions", "password"=>"[FILTERED]", "email"=>"", "remember_me"=>"1"}

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
  passenger (2.2.4) lib/phusion_passenger/rack/request_handler.rb:91:in `process_request'
  passenger (2.2.4) lib/phusion_passenger/abstract_request_handler.rb:206:in `main_loop'
  passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:376:in `start_request_handler'
  passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:334:in `handle_spawn_application'
  passenger (2.2.4) lib/phusion_passenger/utils.rb:182:in `safe_fork'
  passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:332:in `handle_spawn_application'
  passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `__send__'
  passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `main_loop'
  passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:195:in `start_synchronously'
  passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:162:in `start'
  passenger (2.2.4) lib/phusion_passenger/railz/application_spawner.rb:213:in `start'
  passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:261:in `spawn_rails_application'
  passenger (2.2.4) lib/phusion_passenger/abstract_server_collection.rb:126:in `lookup_or_add'
  passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:255:in `spawn_rails_application'
  passenger (2.2.4) lib/phusion_passenger/abstract_server_collection.rb:80:in `synchronize'
  passenger (2.2.4) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
  passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:254:in `spawn_rails_application'
  passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:153:in `spawn_application'
  passenger (2.2.4) lib/phusion_passenger/spawn_manager.rb:286:in `handle_spawn_application'
  passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `__send__'
  passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:351:in `main_loop'
  passenger (2.2.4) lib/phusion_passenger/abstract_server.rb:195:in `start_synchronously'

Rendering /public/422.html (422 Unprocessable Entity)

Hope that helps someone.