I have found the solution according to the post
http://henrik.nyh.se/2008/05/rails-authenticity-token-with-jquery
I included in my application.js
the following
$(document).ajaxSend(function(event, request, settings) {
if (typeof(AUTH_TOKEN) == "undefined") return;
// settings.data is a serialized string like "foo=bar&baz=boink" (or
null)
settings.data = settings.data || "";
settings.data += (settings.data ? "&" : "") + "authenticity_token="
+ encodeURIComponent(AUTH_TOKEN);
});
so every time an ajax request is made authenticity_token is included
in the request