mirror of https://github.com/zulip/zulip.git
js: Extract csrf.js and include in common bundle.
This should make it possible to use this AJAX setup code in logged-out code as well, which is necessary to use blueslip from portico pages.
This commit is contained in:
parent
840210a0ba
commit
dbffa66b6d
|
@ -52,6 +52,7 @@
|
||||||
"condense": false,
|
"condense": false,
|
||||||
"confirm_dialog": false,
|
"confirm_dialog": false,
|
||||||
"copy_and_paste": false,
|
"copy_and_paste": false,
|
||||||
|
"csrf": false,
|
||||||
"csrf_token": false,
|
"csrf_token": false,
|
||||||
"current_msg_list": true,
|
"current_msg_list": true,
|
||||||
"drafts": false,
|
"drafts": false,
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
var csrf_token;
|
||||||
|
$(function () {
|
||||||
|
// This requires that we used Jinja2's {% csrf_input %} somewhere on the page.
|
||||||
|
csrf_token = $('input[name="csrfmiddlewaretoken"]').attr('value');
|
||||||
|
window.csrf_token = csrf_token;
|
||||||
|
|
||||||
|
$.ajaxSetup({
|
||||||
|
beforeSend: function (xhr, settings) {
|
||||||
|
if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
|
||||||
|
// Only send the token to relative URLs i.e. locally.
|
||||||
|
xhr.setRequestHeader("X-CSRFToken", csrf_token);
|
||||||
|
}
|
||||||
|
},
|
||||||
|
});
|
||||||
|
});
|
|
@ -1,7 +1,8 @@
|
||||||
// Miscellaneous early setup.
|
// Miscellaneous early setup.
|
||||||
|
|
||||||
var csrf_token;
|
|
||||||
$(function () {
|
$(function () {
|
||||||
|
csrf.initialize();
|
||||||
|
|
||||||
if (util.is_mobile()) {
|
if (util.is_mobile()) {
|
||||||
// if the client is mobile, disable websockets for message sending
|
// if the client is mobile, disable websockets for message sending
|
||||||
// (it doesn't work on iOS for some reason).
|
// (it doesn't work on iOS for some reason).
|
||||||
|
@ -19,10 +20,6 @@ $(function () {
|
||||||
} else if (!page_params.needs_tutorial) {
|
} else if (!page_params.needs_tutorial) {
|
||||||
$('#first_run_message').show();
|
$('#first_run_message').show();
|
||||||
}
|
}
|
||||||
// This requires that we used Django's {% csrf_token %} somewhere on the page.
|
|
||||||
csrf_token = $('input[name="csrfmiddlewaretoken"]').attr('value');
|
|
||||||
window.csrf_token = csrf_token;
|
|
||||||
|
|
||||||
|
|
||||||
// This is an issue fix where in jQuery v3 the result of outerHeight on a node
|
// This is an issue fix where in jQuery v3 the result of outerHeight on a node
|
||||||
// that doesn’t exist is now “undefined” rather than “null”, which means it
|
// that doesn’t exist is now “undefined” rather than “null”, which means it
|
||||||
|
@ -37,15 +34,6 @@ $(function () {
|
||||||
return $(this).outerWidth.apply(this, arguments) || 0;
|
return $(this).outerWidth.apply(this, arguments) || 0;
|
||||||
};
|
};
|
||||||
|
|
||||||
$.ajaxSetup({
|
|
||||||
beforeSend: function (xhr, settings) {
|
|
||||||
if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
|
|
||||||
// Only send the token to relative URLs i.e. locally.
|
|
||||||
xhr.setRequestHeader("X-CSRFToken", csrf_token);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
});
|
|
||||||
|
|
||||||
// For some reason, jQuery wants this to be attached to an element.
|
// For some reason, jQuery wants this to be attached to an element.
|
||||||
$(document).ajaxError(function (event, xhr) {
|
$(document).ajaxError(function (event, xhr) {
|
||||||
if (xhr.status === 401) {
|
if (xhr.status === 401) {
|
||||||
|
|
|
@ -37,6 +37,7 @@
|
||||||
"string.prototype.codepointat",
|
"string.prototype.codepointat",
|
||||||
"./node_modules/jquery/dist/jquery.js",
|
"./node_modules/jquery/dist/jquery.js",
|
||||||
"./node_modules/underscore/underscore.js",
|
"./node_modules/underscore/underscore.js",
|
||||||
|
"./static/js/csrf.js",
|
||||||
"./static/js/blueslip.js",
|
"./static/js/blueslip.js",
|
||||||
"./static/third/bootstrap/js/bootstrap.js",
|
"./static/third/bootstrap/js/bootstrap.js",
|
||||||
"./static/js/common.js",
|
"./static/js/common.js",
|
||||||
|
|
Loading…
Reference in New Issue