Mercurial > public > sg101
diff gpp/templates/base.html @ 507:8631d32e6b16
Some users are still having problems with the pop-up login. I think they are actually getting 403s because of the CSRF protection. So I have modified the base template to always have a javascript variable called csrf_token available when they aren't logged in. The ajax_login.js script was then modified to send this value with the ajax post. Fingers crossed.
| author | Brian Neal <bgneal@gmail.com> |
|---|---|
| date | Sun, 04 Dec 2011 03:05:21 +0000 |
| parents | 886cc99e8406 |
| children | 2f0a372c92b4 |
line wrap: on
line diff
--- a/gpp/templates/base.html Sat Dec 03 20:46:41 2011 +0000 +++ b/gpp/templates/base.html Sun Dec 04 03:05:21 2011 +0000 @@ -36,6 +36,7 @@ <link rel="shortcut icon" type="image/vnd.microsoft.com" href="{{ STATIC_URL }}favicon.ico" /> {% if not user.is_authenticated %} {% script_tags "jquery-ui" %} +<script type="text/javascript">var csrf_token = "{{ csrf_token }}";</script> <script type="text/javascript" src="{{ STATIC_URL }}js/ajax_login.js"></script> {% endif %} </head>