diff options
author | David Heinemeier Hansson <david@loudthinking.com> | 2011-04-28 22:17:10 -0600 |
---|---|---|
committer | David Heinemeier Hansson <david@loudthinking.com> | 2011-04-29 18:22:10 -0600 |
commit | e350641d021829748bfdc08c4e03ddc6607ff79c (patch) | |
tree | 8c8dae40e606105f439fa322803c43542f2c5fa5 /railties/lib | |
parent | 651836a4bd217d7d9992f4d9b34fa855aa7c0229 (diff) | |
download | rails-e350641d021829748bfdc08c4e03ddc6607ff79c.tar.gz rails-e350641d021829748bfdc08c4e03ddc6607ff79c.tar.bz2 rails-e350641d021829748bfdc08c4e03ddc6607ff79c.zip |
Include CSRF token in remote:true calls
Diffstat (limited to 'railties/lib')
-rw-r--r-- | railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js b/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js index 4dcb3779a2..8618ac5958 100644 --- a/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js +++ b/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js @@ -31,7 +31,12 @@ } else { method = element.attr('data-method'); url = element.attr('href'); - data = null; + + csrf_token = $('meta[name=csrf-token]').attr('content'); + csrf_param = $('meta[name=csrf-param]').attr('content'); + + data = {}; + data[csrf_param] = csrf_token; } $.ajax({ |