I have an app that I am working on and what I did was added a set of filters on the index page that allows me to use Ajax to filter the result set. The filters pass through to the controller index method. That works beautifully however I ran into a cross site scripting error with pagination.
I added protect_from_forgery unless: -> { request.format.js? } however my js file that renders the partial now comes back as text instead of HTML.
Here is the line in my index.js.erb that renders the partial...
$("#training_listing").empty().html("<%= j render "listing" %>");
If I take out the protect_from_forgery and I click on the next page for pagination it gives me the cross site scripting error. If I put it in I get the text rendering if I click on the next page.
Scratching my head as I am not sure how to get around this.
Anyone have any insight?
I'll send along anything you might need to see. Didn't want to clutter the message with unneeded files..
John
