Rails - How to add CSRF Protection to forms created in javascript?

Question

I\'m using backbone.js and it works great. but the forms I\'m creating as a javascript template lacks the rails csrf protection token. How do I add it to templates I\'m crea

Answer 1

You can prepend the csrf token to every form that uses 'post' or 'delete'. Here it is in coffeescript:

$ -> 
  for f in $("form")
    if f.method == 'post' or f.method == 'delete'
      $(f).prepend("")

Make sure you have <%= csrf_meta_tags %> in your layout. It should already be in the standard 'application' layout, but add it if you're using a different layout.