Requiring translation files generates CSRF related error.

[pcriv]

When i add

//= require pickadate/translations/es_ES

to application.js I get this error:

Can't verify CSRF token authenticity
Completed 401 Unauthorized in 1ms (ActiveRecord: 0.0ms)

If i remove that line it works fine.

[sigvei]

I haven't got much to add as to why this happens, but I can confirm that this happens for me as well. Seems like a really weird bug.

[ghost]

👍 Please fix this.

[harmdewit]

Here's a fix:

jQuery.extend( jQuery.fn.pickadate.defaults, {
    hiddenName: true
});

Explanation

When using translations the value being displayed are different from the the value being submitted by using different values for the options format and formatSubmit. This works by adding an hidden input with the same name + suffix to the end of the form like post[created_at]_hidden. Input names like these apparently cause errors like these in ruby servers and rails (see: amsul/pickadate.js#208)

By setting hiddenName: true this is fixed by just using adding an hidden input with the same name instead of adding the suffix. This is the best solution imo. If you want you can also fix this by removing the suffix with hiddenSuffix: "" and optionally set an hidden prefix with hiddenPrefix: "".

[harmdewit]

I would argue setting hiddenName to true by default, but i could imagine this would break things for users that like to upgrade and already rely on parsing values with the suffix/prefix.