RailsCasts Pro episodes are now free!

Learn more or hide this

Adam Cuppy's Profile

GitHub User: acuppy

Site: http://www.codingzeal.com

Comments by Adam Cuppy


Sadly, that is only available to 1.7+


The error is due to a violation of the same-site origin policy caused by the AJAX calling to a script on another domain. It would be better to use jQuery or raw Javascript to append a new script element to the head and allow the browser to interpret it as a static asset.

   var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
   if (d.getElementById(id)) {return;}
   js = d.createElement('script'); js.id = id; js.async = true;
   js.src = "//connect.facebook.net/en_US/all.js";
   ref.parentNode.insertBefore(js, ref);

So I just want to clarify: If all connections are https and everything is using the built in sessions, do I need to set a secure cookie to be safe? or will that just be happening automatically?