getting it from a cookie is better than sticking it in a meta tag

author Scott Baker <smbaker@gmail.com>

Tue, 28 Oct 2014 23:02:05 +0000 (16:02 -0700)

committer Scott Baker <smbaker@gmail.com>

Tue, 28 Oct 2014 23:02:05 +0000 (16:02 -0700)
author Scott Baker <smbaker@gmail.com>
Tue, 28 Oct 2014 23:02:05 +0000 (16:02 -0700)
committer Scott Baker <smbaker@gmail.com>
Tue, 28 Oct 2014 23:02:05 +0000 (16:02 -0700)
diff --git a/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js b/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js

index af79852..cd1c305 100644 (file)
--- a/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js
+++ b/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js
@@ -14,6 +14,22 @@ if (! window.XOSLIB_LOADED ) {
  
      SLICEPLUS_API = "/xoslib/slicesplus/";
  
+    function getCookie(name) {
+        var cookieValue = null;\r
+        if (document.cookie && document.cookie != '') {\r
+            var cookies = document.cookie.split(';');\r
+            for (var i = 0; i < cookies.length; i++) {\r
+                var cookie = jQuery.trim(cookies[i]);\r
+                // Does this cookie string begin with the name we want?\r
+                if (cookie.substring(0, name.length + 1) == (name + '=')) {\r
+                    cookieValue = decodeURIComponent(cookie.substring(name.length + 1));\r
+                    break;\r
+                }\r
+            }\r
+        }\r
+        return cookieValue;\r
+    }
+
      XOSModel = Backbone.Model.extend({
          /* from backbone-tastypie.js */
          //idAttribute: 'resource_uri',
@@ -231,7 +247,8 @@ if (! window.XOSLIB_LOADED ) {
        var _sync = Backbone.sync;\r
        Backbone.sync = function(method, model, options){\r
          options.beforeSend = function(xhr){\r
-          var token = $('meta[name="csrf-token"]').attr('content');\r
+          //var token = $('meta[name="csrf-token"]').attr('content');\r
+          var token = getCookie("csrftoken");\r
            xhr.setRequestHeader('X-CSRFToken', token);\r
            console.log(token);\r
          };\r
diff --git a/planetstack/templates/admin/base.html b/planetstack/templates/admin/base.html

index 21f7974..dc92ca9 100644 (file)
--- a/planetstack/templates/admin/base.html
+++ b/planetstack/templates/admin/base.html
@@ -2,7 +2,6 @@
  <html lang="{{ LANGUAGE_CODE|default:"en-us" }}" {% if LANGUAGE_BIDI %}dir="rtl"{% endif %}>
  <head>
    <title>{% block title %}  {%if title %} {{ title }} | {% endif %} {{ 'ADMIN_NAME'|suit_conf }}{% endblock %}</title>
-  <meta name="csrf-token" content="{{csrf_token}}">
    <link rel="stylesheet" type="text/css" href="{% block stylesheet %}{% endblock %}"/>
    <link rel="stylesheet" type="text/css" href="{% static 'suit/bootstrap/css/bootstrap.min.css' %}" media="all"/>
    <link rel="stylesheet" type="text/css" href="{% static 'suit/css/suit.css' %}" media="all">
author	Scott Baker <smbaker@gmail.com>
	Tue, 28 Oct 2014 23:02:05 +0000 (16:02 -0700)
committer	Scott Baker <smbaker@gmail.com>
	Tue, 28 Oct 2014 23:02:05 +0000 (16:02 -0700)
planetstack/core/xoslib/static/js/xoslib/xos-backbone.js		patch \| blob \| history
planetstack/templates/admin/base.html		patch \| blob \| history