2018-12-17 00:15:52 +01:00
|
|
|
var csrf_token;
|
|
|
|
$(function () {
|
|
|
|
// This requires that we used Jinja2's {% csrf_input %} somewhere on the page.
|
2018-12-17 00:23:34 +01:00
|
|
|
var csrf_input = $('input[name="csrfmiddlewaretoken"]');
|
|
|
|
if (csrf_input.length > 0) {
|
|
|
|
csrf_token = csrf_input.attr('value');
|
|
|
|
} else {
|
|
|
|
csrf_token = undefined;
|
|
|
|
}
|
2018-12-17 00:15:52 +01:00
|
|
|
window.csrf_token = csrf_token;
|
|
|
|
|
2018-12-17 00:23:34 +01:00
|
|
|
if (csrf_token === undefined) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2018-12-17 00:15:52 +01:00
|
|
|
$.ajaxSetup({
|
|
|
|
beforeSend: function (xhr, settings) {
|
|
|
|
if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
|
|
|
|
// Only send the token to relative URLs i.e. locally.
|
|
|
|
xhr.setRequestHeader("X-CSRFToken", csrf_token);
|
|
|
|
}
|
|
|
|
},
|
|
|
|
});
|
|
|
|
});
|