aboutsummaryrefslogtreecommitdiffstats
path: root/railties
diff options
context:
space:
mode:
authorDavid Heinemeier Hansson <david@loudthinking.com>2011-04-28 22:17:10 -0600
committerDavid Heinemeier Hansson <david@loudthinking.com>2011-04-29 18:22:10 -0600
commite350641d021829748bfdc08c4e03ddc6607ff79c (patch)
tree8c8dae40e606105f439fa322803c43542f2c5fa5 /railties
parent651836a4bd217d7d9992f4d9b34fa855aa7c0229 (diff)
downloadrails-e350641d021829748bfdc08c4e03ddc6607ff79c.tar.gz
rails-e350641d021829748bfdc08c4e03ddc6607ff79c.tar.bz2
rails-e350641d021829748bfdc08c4e03ddc6607ff79c.zip
Include CSRF token in remote:true calls
Diffstat (limited to 'railties')
-rw-r--r--railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js7
1 files changed, 6 insertions, 1 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js b/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js
index 4dcb3779a2..8618ac5958 100644
--- a/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js
+++ b/railties/lib/rails/generators/rails/app/templates/vendor/assets/javascripts/jquery_ujs.js
@@ -31,7 +31,12 @@
} else {
method = element.attr('data-method');
url = element.attr('href');
- data = null;
+
+ csrf_token = $('meta[name=csrf-token]').attr('content');
+ csrf_param = $('meta[name=csrf-param]').attr('content');
+
+ data = {};
+ data[csrf_param] = csrf_token;
}
$.ajax({