Set the CSRF token for Rails when doing Ajax requests

csrf-token.js

define( ['jquery'], function ( $ ) {
  var token = $( 'meta[name="csrf-token"]' ).attr( 'content' );

  $.ajaxSetup( {
    beforeSend: function ( xhr ) {
      xhr.setRequestHeader( 'X-CSRF-Token', token );
    }
  });

  return token; 
});

Since it's Rails, you may want a Sprockets-friendly version too.

// Ensure this is required somewhere by Sprockets after jQuery
//
//= require csrf-token
//
(function() {
  if ($) {
    var token = $( 'meta[name="csrf-token"]' ).attr( 'content' );

    $.ajaxSetup( {
      beforeSend: function ( xhr ) {
        xhr.setRequestHeader( 'X-CSRF-Token', token );
      }
    });      
  }
})();

@juliocesar, Sprockets? Hell no.

This guy ^

Can I ask you how to create this cookie in Rails? On ApplicationController maybe? On every NON-GET action?