mirror of https://github.com/zulip/zulip.git
Make csrf_token global
(imported from commit 734d9c886c3a77d2ba40bd449cb089a00807a656)
This commit is contained in:
Keegan McAllister
parent
585210feaa
commit
122281553a
|
|
@ -31,7 +31,7 @@ var globals =
|
||||||
+ ' initiate_search'
|
+ ' initiate_search'
|
||||||
|
|
||||||
// setup.js
|
// setup.js
|
||||||
+ ' loading_spinner templates'
|
+ ' loading_spinner templates csrf_token'
|
||||||
|
|
||||||
// subs.js
|
// subs.js
|
||||||
+ ' subs'
|
+ ' subs'
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@
|
||||||
|
|
||||||
var loading_spinner;
|
var loading_spinner;
|
||||||
var templates = {};
|
var templates = {};
|
||||||
|
var csrf_token;
|
||||||
$(function () {
|
$(function () {
|
||||||
// Display loading indicator. This disappears after the first
|
// Display loading indicator. This disappears after the first
|
||||||
// get_updates completes.
|
// get_updates completes.
|
||||||
|
|
@ -21,13 +22,13 @@ $(function () {
|
||||||
);
|
);
|
||||||
|
|
||||||
// This requires that we used Django's {% csrf_token %} somewhere on the page.
|
// This requires that we used Django's {% csrf_token %} somewhere on the page.
|
||||||
var csrftoken = $('input[name="csrfmiddlewaretoken"]').attr('value');
|
csrf_token = $('input[name="csrfmiddlewaretoken"]').attr('value');
|
||||||
|
|
||||||
$.ajaxSetup({
|
$.ajaxSetup({
|
||||||
beforeSend: function (xhr, settings) {
|
beforeSend: function (xhr, settings) {
|
||||||
if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
|
if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
|
||||||
// Only send the token to relative URLs i.e. locally.
|
// Only send the token to relative URLs i.e. locally.
|
||||||
xhr.setRequestHeader("X-CSRFToken", csrftoken);
|
xhr.setRequestHeader("X-CSRFToken", csrf_token);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue