kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/actionview/app/assets/javascripts/rails-ujs/utils/csrf.coffee
Javan Makhmali 11341fdb3a Reorganize rails-ujs files
2017-03-30 14:41:17 -04:00

25 lines
788 B
CoffeeScript
Raw Blame History

#= require ./dom
{ $ } = Rails
# Up-to-date Cross-Site Request Forgery token
csrfToken = Rails.csrfToken = ->
meta = document.querySelector('meta[name=csrf-token]')
meta and meta.content
# URL param that must contain the CSRF token
csrfParam = Rails.csrfParam = ->
meta = document.querySelector('meta[name=csrf-param]')
meta and meta.content
# Make sure that every Ajax request sends the CSRF token
Rails.CSRFProtection = (xhr) ->
token = csrfToken()
xhr.setRequestHeader('X-CSRF-Token', token) if token?
# Make sure that all forms have actual up-to-date tokens (cached forms contain old ones)
Rails.refreshCSRFTokens = ->
token = csrfToken()
param = csrfParam()
if token? and param?
$('form input[name="' + param + '"]').forEach (input) -> input.value = token
View git blame Copy permalink