From 1ad3c023974f619f977d1cced84e1251846fb7a2 Mon Sep 17 00:00:00 2001 From: Stephen Burrows Date: Thu, 24 Feb 2011 12:38:28 -0500 Subject: [PATCH] Added CSRF cookie js to TagCreation.js... apparently it isn't in the admin by default. Resolves issue 83. --- media/admin/js/TagCreation.js | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/media/admin/js/TagCreation.js b/media/admin/js/TagCreation.js index 31f2910..d08d41e 100644 --- a/media/admin/js/TagCreation.js +++ b/media/admin/js/TagCreation.js @@ -1,6 +1,29 @@ var tagCreation = window.tagCreation; (function($) { + location_re = new RegExp("^https?:\/\/" + window.location.host + "/") + + $('html').ajaxSend(function(event, xhr, settings) { + function getCookie(name) { + var cookieValue = null; + if (document.cookie && document.cookie != '') { + var cookies = document.cookie.split(';'); + for (var i = 0; i < cookies.length; i++) { + var cookie = $.trim(cookies[i]); + // Does this cookie string begin with the name we want? + if (cookie.substring(0, name.length + 1) == (name + '=')) { + cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); + break; + } + } + } + return cookieValue; + } + if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url)) || location_re.test(settings.url)) { + // Only send the token to relative URLs i.e. locally. + xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken')); + } + }); tagCreation = { 'cache': {}, 'addTagFromSlug': function(triggeringLink) { -- 2.20.1