Skip to content

Commit

Permalink
Make rails.js include the CSRF token in the X-CSRF-Token header with …
Browse files Browse the repository at this point in the history 
…every ajax request.
  • Loading branch information
@NZKoz
NZKoz committed Jan 31, 2011
1 parent 66ce384 commit 7b64ade
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions railties/lib/rails/generators/rails/app/templates/public/javascripts/rails.js
View file
Expand Up @@ -172,4 +172,20 @@
input.disabled = false;
});
});

Ajax.Responders.register({
onCreate: function(request) {
var csrf_meta_tag = $$('meta[name=csrf-token]')[0];

if (csrf_meta_tag) {
var header = 'X-CSRF-Token',
token = csrf_meta_tag.readAttribute('content');

if (!request.options.requestHeaders) {
request.options.requestHeaders = {};
}
request.options.requestHeaders[header] = token;
}
}
});
})();

0 comments on commit 7b64ade

Please sign in to comment.