CSRF token fix
This commit is contained in:
parent
69b392b739
commit
0dc5f24c6c
|
@ -14,6 +14,10 @@ $ ->
|
|||
if l.hostname not in ['beathaven.org', 'dev.beathaven.org']
|
||||
l.href = 'http://beathaven.org/'+ l.hash
|
||||
|
||||
$.ajaxSetup
|
||||
beforeSend: (xhr) ->
|
||||
xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content'))
|
||||
|
||||
window._beathaven = new BeatHaven()
|
||||
window._beathaven.init()
|
||||
|
||||
|
|
|
@ -13,8 +13,6 @@ class window.Session
|
|||
|
||||
setUser: (user) ->
|
||||
@user = user
|
||||
_beathaven.lang = @user.lang || 'ru'
|
||||
_beathaven.localizeHTML()
|
||||
false
|
||||
|
||||
getUser: ->
|
||||
|
@ -22,6 +20,7 @@ class window.Session
|
|||
|
||||
query: (url, params, callback) ->
|
||||
q_params = $.extend {}, @vk_params, params
|
||||
q_params.authenticity_token = $('meta[name="csrf-token"]').attr('content')
|
||||
$.post url, q_params, callback
|
||||
false
|
||||
|
||||
|
|
|
@ -8,7 +8,6 @@ class window.Vkontakte
|
|||
@api_id
|
||||
|
||||
init: ->
|
||||
|
||||
window.vkAsyncInit = ->
|
||||
VK.init apiId: _vkontakte.getApiId()
|
||||
VK.Auth.getLoginStatus (response) ->
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
%head
|
||||
%title BeatHaven
|
||||
%meta{ :charset => "utf-8" }
|
||||
%meta{ :name => 'csrf-token', :content => form_authenticity_token }
|
||||
%link{ :rel => "shortcut icon", :href => "/favicon.ico" }
|
||||
= stylesheet_link_tag "application"
|
||||
= javascript_include_tag "application"
|
||||
|
|
Loading…
Reference in New Issue