Security Rails ajax call


#1

Hi, I use Rails3.2 and JQuery. If I make an ajax call for example

$.ajax({ url: ‘YOUR URL HERE’,
type: ‘POST’,
beforeSend: function(xhr) {xhr.setRequestHeader(‘X-CSRF-Token’,
$(‘meta[name=“csrf-token”]’).attr(‘content’))},
data: ‘someData=’ + someData,
success: function(response) {
$(’#someDiv’).html(response);
}
});;

I send to the server all parameter of autentication in the header
automatically…so there isn’t the problem of security and credentials?