Is using js.erb files in conjunction with Rails and jQuery safe?

I have seen many resources on using jQuery with Rails where people recommend having callback functions in .js.erb files; however, I have also heard that passing data this way leaves me vulnerable to man-in-the-middle attacks. Is this true? What are the security concerns, and is there a way to do it safely?

Thanks


The best way to prevent MITM attacks in web applications is to use HTTPS for all requests, specifically any requests in which a cookie or session ID is transferred, and the transfer of the JavaScript code itself.

This is discussed in the OWASP top 10 2010 in section A3: "Broken authentication and session management."
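
What "HTTPS for all requests" means at the Rack layer that Rails runs on, as an added example that is not part of the original answer and not Rails' own code: the middleware refuses to serve script or cookies over plain HTTP, marks cookies `Secure`, and sends HSTS. `EnforceHttps`, `SAMPLE_APP`, the host name and the cookie value are constructed for illustration; in a real Rails app the built-in `config.force_ssl = true` setting covers this.

```ruby
# Added example; EnforceHttps and SAMPLE_APP are hypothetical names.
class EnforceHttps
  HSTS = "max-age=31536000; includeSubDomains"

  def initialize(app)
    @app = app
  end

  def call(env)
    unless env["rack.url_scheme"] == "https"
      # Plain HTTP: never run the app, so no script body or Set-Cookie
      # header is sent in the clear. Cookies the browser already attached
      # to this request were exposed, hence Secure and HSTS below.
      location = "https://#{env['HTTP_HOST']}#{env['PATH_INFO']}"
      query = env["QUERY_STRING"].to_s
      location += "?#{query}" unless query.empty?
      return [301, { "Location" => location }, []]
    end

    status, headers, body = @app.call(env)
    headers = headers.merge("Strict-Transport-Security" => HSTS)
    if headers["Set-Cookie"]
      headers["Set-Cookie"] = secure_cookies(headers["Set-Cookie"])
    end
    [status, headers, body]
  end

  private

  # Append Secure so the browser only returns the cookie over HTTPS.
  # Rack 2 joins multiple cookies with "\n"; Rack 3 uses an Array.
  def secure_cookies(value)
    list = value.is_a?(Array) ? value : value.split("\n")
    list = list.map { |c| c =~ /;\s*secure\b/i ? c : "#{c}; Secure" }
    value.is_a?(Array) ? list : list.join("\n")
  end
end

# Constructed sample: stands in for an action rendering a .js.erb view.
SAMPLE_APP = lambda do |_env|
  [200,
   { "Content-Type" => "text/javascript",
     "Set-Cookie" => "_session_id=abc123; path=/; HttpOnly" },
   ["$('#result').html('saved');"]]
end
```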
