From: Stephen Burrows Date: Thu, 24 Feb 2011 17:38:28 +0000 (-0500) Subject: Added CSRF cookie js to TagCreation.js... apparently it isn't in the admin by default... X-Git-Tag: philo-0.9~17^2~6 X-Git-Url: http://git.ithinksw.org/philo.git/commitdiff_plain/1ad3c023974f619f977d1cced84e1251846fb7a2 Added CSRF cookie js to TagCreation.js... apparently it isn't in the admin by default. Resolves issue 83.
---
diff --git a/media/admin/js/TagCreation.js b/media/admin/js/TagCreation.js
index 31f2910..d08d41e 100644
--- a/media/admin/js/TagCreation.js
+++ b/media/admin/js/TagCreation.js
@@ -1,6 +1,29 @@
 var tagCreation = window.tagCreation;
 (function($) {
+ location_re = new RegExp("^https?:\/\/" + window.location.host + "/")
+
+ $('html').ajaxSend(function(event, xhr, settings) {
+ function getCookie(name) {
+ var cookieValue = null;
+ if (document.cookie && document.cookie != '') {
+ var cookies = document.cookie.split(';');
+ for (var i = 0; i < cookies.length; i++) {
+ var cookie = $.trim(cookies[i]);
+ // Does this cookie string begin with the name we want?
+ if (cookie.substring(0, name.length + 1) == (name + '=')) {
+ cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
+ break;
+ }
+ }
+ }
+ return cookieValue;
+ }
+ if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url)) || location_re.test(settings.url)) {
+ // Only send the token to relative URLs i.e. locally.
+ xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
+ }
+ });
 tagCreation = {
 'cache': {},
 'addTagFromSlug': function(triggeringLink) {
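Review bot: The same-origin test guarding `xhr.setRequestHeader("X-CSRFToken", ...)` is too loose, so the token can be attached to requests that leave the site. A protocol-relative URL such as `//other.host/path` matches neither `/^http:.*/` nor `/^https:.*/` and is therefore treated as relative, and `location_re` interpolates `window.location.host` unescaped (each `.` matches any character) while also accepting `http://` from an `https://` page. I would anchor on the page's own scheme and escape the host, `var location_re = new RegExp("^" + (window.location.protocol + "//" + window.location.host).replace(/[.*+?^${}()|[\]\\]/g, "\\$&") + "/");`, and test `if (!/^(https?:)?\/\//.test(settings.url) || location_re.test(settings.url)) {`. The added `var` also stops `location_re` from becoming an implicit global. The enclosing `(function($) {` wrapper and the `tagCreation` object continue past the end of the hunk.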