Here is the controller :-
class CommentsController < ApplicationController
before_filter :load_article, :except => :destroy
before_filter :authenticate, :only => :destroy
def new
respond_to do |format|
format.js
end
end
def create
@comment = @article.comments.new(comment_params)
if @comment.save
redirect_to @article, notice: 'Thanks for your comment'
else
redirect_to @article, alert: 'Unable to add comment'
end
end
def destroy
@article = current_user.articles.find(params[:article_id])
@comment = @article.comments.find(params[:id])
@comment.destroy
redirect_to @article, notice: 'Comment Deleted'
end
private
def load_article
@article = Article.find(params[:article_id])
end
def comment_params
params.require(:comment).permit(:name, :email, :body)
end
end
---------------------
app/views/articles/show.html.erb
-------------------------
<%= render @article %>
<h3>Comments</h3>
<div id="comments">
<%= render @article.comments %>
</div>
<%= link_to "new comment", new_article_comment_path(@article, :format => :js),
:remote => true, :id => 'new_comment_link' %>
---------------
app/views/comments/new.js.erb
$("<%= escape_javascript render(file: 'comments/new.html.erb')
%>").insertAfter('#comments');
$('#new_comment_link').hide();
I am getting the below error :-
Started GET "/articles/1/comments/new.js" for 127.0.0.1 at 2014-07-05 09:22:20
+0530
Processing by CommentsController#new as JS
Parameters: {"article_id"=>"1"}
Article Load (0.2ms) SELECT "articles".* FROM "articles" WHERE
"articles"."id" = ? LIMIT 1 [["id", 1]]
Rendered comments/new.html.erb (35.1ms)
Rendered comments/new.js.erb (37.5ms)
Security warning: an embedded <script> tag on another site requested protected
JavaScript. If you know what you're doing, go ahead and disable forgery
protection on this action to permit cross-origin JavaScript embedding.
Completed 500 Internal Server Error in 51ms
ActionController::InvalidCrossOriginRequest (Security warning: an embedded
<script> tag on another site requested protected JavaScript. If you know what
you're doing, go ahead and disable forgery protection on this action to permit
cross-origin JavaScript embedding.):
actionpack (4.1.1)
lib/action_controller/metal/request_forgery_protection.rb:217:in
`verify_same_origin_request'
--
================
Regards,
Arup Rakshit
================
Debugging is twice as hard as writing the code in the first place. Therefore,
if you write the code as cleverly as possible, you are, by definition, not
smart enough to debug it.
--Brian Kernighan