Get intercooler ajax requests working with csrf protection
parent
fac30d819f
commit
77b79b32b8
@ -47,7 +47,7 @@ MIDDLEWARE = [
|
|||||||
'django.middleware.security.SecurityMiddleware',
|
'django.middleware.security.SecurityMiddleware',
|
||||||
'django.contrib.sessions.middleware.SessionMiddleware',
|
'django.contrib.sessions.middleware.SessionMiddleware',
|
||||||
'django.middleware.common.CommonMiddleware',
|
'django.middleware.common.CommonMiddleware',
|
||||||
#'django.middleware.csrf.CsrfViewMiddleware',
|
'django.middleware.csrf.CsrfViewMiddleware',
|
||||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||||
'django.contrib.messages.middleware.MessageMiddleware',
|
'django.contrib.messages.middleware.MessageMiddleware',
|
||||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||||
|
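Review bot: Re-enabling `'django.middleware.csrf.CsrfViewMiddleware'` in `MIDDLEWARE` makes every unsafe-method request without a valid token fail with 403, and the only token source visible in this commit is the intercooler attribute added to `<body>`. Ordinary HTML forms that POST are not shown here, but each of them would need `{% csrf_token %}` inside its `<form>`, so those templates are worth checking before this lands. A regression test using Django's test client created with `Client(enforce_csrf_checks=True)` would catch a missed form, because the default test client skips CSRF checks.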
@ -38,7 +38,8 @@
|
|||||||
<link rel="icon" href="{% static "images/brutaldon.png" %}" type="image/png">
|
<link rel="icon" href="{% static "images/brutaldon.png" %}" type="image/png">
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</head>
|
</head>
|
||||||
<body class="has-navbar-fixed-top">
|
<body class="has-navbar-fixed-top"
|
||||||
|
ic-global-include='{"csrfmiddlewaretoken": "{{ csrf_token }}"}'>
|
||||||
{% block navbar %}
|
{% block navbar %}
|
||||||
<nav class="navbar is-fixed-top" role="navigation"
|
<nav class="navbar is-fixed-top" role="navigation"
|
||||||
aria-label="main navigation">
|
aria-label="main navigation">
|
||||||
@ -185,29 +186,6 @@
|
|||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
$.ajaxSetup({
|
|
||||||
beforeSend: function(xhr, settings) {
|
|
||||||
function getCookie(name) {
|
|
||||||
var cookieValue = null;
|
|
||||||
if (document.cookie && document.cookie != '') {
|
|
||||||
var cookies = document.cookie.split(';');
|
|
||||||
for (var i = 0; i < cookies.length; i++) {
|
|
||||||
var cookie = jQuery.trim(cookies[i]);
|
|
||||||
// Does this cookie string begin with the name we want?
|
|
||||||
if (cookie.substring(0, name.length + 1) == (name + '=')) {
|
|
||||||
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return cookieValue;
|
|
||||||
}
|
|
||||||
if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
|
|
||||||
// Only send the token to relative URLs i.e. locally.
|
|
||||||
xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
{% block page_scripts_inline %}
|
{% block page_scripts_inline %}
|
||||||
|
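Review bot: The `ic-global-include` attribute on `<body>` attaches `csrfmiddlewaretoken` as a request parameter regardless of method or destination, whereas the removed `$.ajaxSetup` hook sent it as an `X-CSRFToken` header and only to relative URLs. If intercooler also adds the global include to GET requests (as I understand it does), the token ends up in query strings, and from there in access logs, browser history and Referer headers. Any intercooler attribute pointing at an absolute URL would also send it off-site. Plain `$.ajax`/`$.post` calls, if the page has any, no longer receive a token at all. Consider keeping a header-based hook limited to unsafe same-origin requests, e.g. `if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !settings.crossDomain) xhr.setRequestHeader("X-CSRFToken", "{{ csrf_token }}");` inside `beforeSend`; the `<body>` tag and the script block both extend beyond the visible hunks.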