I’ve attached an Ajax POST request to a link. The request is failing
(InvalidAuthenticityToken) because I’m not sending the authenticity
token with it.
Searching the forums led me to these two methods…
Which I can use to generate the necessary information on my HTML pages.
However, because I am not building a complete form for this request, I
thought I would place the information into an arbitrary input field, but
I’m not sure where.
For the sake of being practical and consistent, I thought the footer a
good place. Example…
I don’t think having the authenticity token on every page is less
secure than having it on some pages.
Does anyone feel differently?