Forum: Ruby on Rails Security Rails ajax call

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Alessio V. (Guest)
on 2017-02-02 16:26
Hi, I use Rails3.2 and JQuery. If I make an ajax call for example

 $.ajax({ url: 'YOUR URL HERE',
  type: 'POST',
  beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token',
  data: 'someData=' + someData,
  success: function(response) {

I send to the server all parameter of autentication in the header there isn't the problem of security and credentials?
This topic is locked and can not be replied to.