ruby on rails 3 不使用prototype,自己编写删除的代码

ruby on rails 3 不使用prototype,自己编写删除的代码
rails原来是隐藏了一个form来提交了一段删除的post请求,
rails使用了html5的方式来编写删除,我考虑到带宽的占用和通用性,替换掉了原来的prototype,中间还遇到了跨域提交的问题
参考
http://joshhuckabee.com/jquery-rails-3
[ccn lang="html" tab_size="4" theme="blackboard" width="800" ]

<%= link_to 'Destroy', downloads_admin_dl_type_path(dl_type), :onclick => "if (confirm('Are you sure?')) { var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;var m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method'); m.setAttribute('value', 'delete'); f.appendChild(m);f.submit(); };return false;"%>

[/ccn]
最后参考了http://www.inficone.com/technology/actioncontroller-invalid-authenticity-token-solution-for-using-ajax-on-rails/595/
修改成了
[ccn lang="html" tab_size="4" theme="blackboard" width="800" ]

<%= link_to 'Destroy', downloads_admin_dl_type_path(dl_type), :onclick => "if (confirm('Are you sure?')) { var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;var at = document.createElement('input'); at.setAttribute('type', 'hidden'); at.setAttribute('name', 'authenticity_token'); at.setAttribute('value', '#{form_authenticity_token}'); f.appendChild(at);var m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method'); m.setAttribute('value', 'delete'); f.appendChild(m);f.submit(); };return false;"%>

[/ccn]

于跨域请求的文章
http://2015.iteye.com/blog/604377
如何去掉
http://snippets.dzone.com/posts/show/5508
在controller里
skip_before_filter :verify_authenticity_token
或者
protect_from_forgery :only => [:update, :delete, :create]
#or
protect_from_forgery :except => [:update, :delete, :create]