fix for production mode

app/controllers/admin/module_apps_controller.rb

@@ -13,7 +13,7 @@ class Admin::ModuleAppsController < OrbitAdminController
   	  if request.env["HTTP_REFERER"]
         redirect_to :back
       else
-        render 'public/403.html', :status => 403, :layout => false)
+        render 'public/403.html', :status => 403, :layout => false
       end
       false
     end

app/controllers/application_controller.rb

@@ -1,7 +1,7 @@
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
-  protect_from_forgery with: :exception
+  # protect_from_forgery with: :null_session
   before_action :set_locale
   helper_method :current_site, :current_user
 

app/views/admin/dashboards/index.html.erb

@@ -1,6 +1,6 @@
 <%= javascript_include_tag "//www.google.com/jsapi", "chartkick"%>
-<%= javascript_include_tag "/static/justgage.1.0.1.min.js" %>
-<%= javascript_include_tag "/static/raphael.2.1.0.min.js" %>
+<%= javascript_include_tag "justgage.1.0.1.min" %>
+<%= javascript_include_tag "raphael.2.1.0.min" %>
 
 <section id="main-wrap">
   <div class="wrap-inner initial">

config/environments/production.rb

@@ -27,7 +27,7 @@ Orbit::Application.configure do
   # config.assets.css_compressor = :sass
 
   # Do not fallback to assets pipeline if a precompiled asset is missed.
-  config.assets.compile = false
+  config.assets.compile = true
 
   # Generate digests for assets URLs.
   config.assets.digest = true