Mercurial > public > sg101
comparison gpp/shoutbox/static/js/shoutbox.js @ 322:c3d3d7114749
Fix #148; Django now requires AJAX posts to present the CSRF token. Added code suggested by Django docs to shoutbox.js. Since shoutbox.js is on every page, it should cover all cases.
| author | Brian Neal <bgneal@gmail.com> |
|---|---|
| date | Sat, 12 Feb 2011 21:37:17 +0000 |
| parents | 88b2b9cb8c1f |
| children | 85d7b62d5c17 |
comparison
equal
deleted
inserted
replaced
| 321:28de6caa4e6d | 322:c3d3d7114749 |
|---|---|
| 1 $(document).ready(function() { | 1 $(document).ready(function() { |
| 2 $.ajaxSetup({ | |
| 3 beforeSend: function(xhr, settings) { | |
| 4 function getCookie(name) { | |
| 5 var cookieValue = null; | |
| 6 if (document.cookie && document.cookie != '') { | |
| 7 var cookies = document.cookie.split(';'); | |
| 8 for (var i = 0; i < cookies.length; i++) { | |
| 9 var cookie = jQuery.trim(cookies[i]); | |
| 10 // Does this cookie string begin with the name we want? | |
| 11 if (cookie.substring(0, name.length + 1) == (name + '=')) { | |
| 12 cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); | |
| 13 break; | |
| 14 } | |
| 15 } | |
| 16 } | |
| 17 return cookieValue; | |
| 18 } | |
| 19 if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) { | |
| 20 // Only send the token to relative URLs i.e. locally. | |
| 21 xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken')); | |
| 22 } | |
| 23 } | |
| 24 }); | |
| 2 | 25 |
| 3 var numShouts = $('#shoutbox-shout-container > p').size(); | 26 var numShouts = $('#shoutbox-shout-container > p').size(); |
| 4 var sbBox = $('#shoutbox-shout-container'); | 27 var sbBox = $('#shoutbox-shout-container'); |
| 5 | 28 |
| 6 if (numShouts < 2) | 29 if (numShouts < 2) |