Using layout specific javascript in comfy leads to InvalidCrossOriginRequest

Question

I'm using Comfy for building custom layouts within the web application. My problem now is, that when I try to embed the code for dynamically loading the javascript as follows:

<%= javascript_include_tag comfy_cms_render_js_path(@cms_site.id, @cms_layout.identifier) %>

This code can be found in my application.html.erb file.

When I now load the page with a comfy-defined layout I get this error:

ActionController::InvalidCrossOriginRequest (Security warning: an embedded <script> tag on another site requested protected JavaScript. If you know what you're doing, go ahead and disable forgery protection on this action to permit cross-origin JavaScript embedding.)

One possibility to resolve this issue is to remove the attribute protect_from_forgery in the application_controller.rb file. But this is not a good solution.

The same problem occurs when I embed the links to the javascript within the layout in the admin panel.

I hope you can help me.

Answer 1

Issue is fixed in current master: https://github.com/comfy/comfortable-mexican-sofa/issues/458