[bitbake-devel] [PATCH 6/8] toastergui: add csrf tokens for AJAX calls
Alex DAMIAN
alexandru.damian at intel.com
Thu Feb 26 21:41:59 UTC 2015
From: Alexandru DAMIAN <alexandru.damian at intel.com>
This patch adds CSRF tokens in pages using AJAX calls in
order to force Django to generate the CSRF cookie used to
authenticate the call.
Signed-off-by: Alexandru DAMIAN <alexandru.damian at intel.com>
---
lib/toaster/toastergui/templates/layers.html | 1 +
lib/toaster/toastergui/templates/managed_mrb_section.html | 1 +
lib/toaster/toastergui/templates/projectconf.html | 1 +
lib/toaster/toastergui/templates/targets.html | 1 +
4 files changed, 4 insertions(+)
diff --git a/lib/toaster/toastergui/templates/layers.html b/lib/toaster/toastergui/templates/layers.html
index 5cfda5b..864e156 100644
--- a/lib/toaster/toastergui/templates/layers.html
+++ b/lib/toaster/toastergui/templates/layers.html
@@ -117,6 +117,7 @@
var tooltipUpdateText;
+/* ensure csrf cookie exists {% csrf_token %} */
function _makeXHREditCall(data, onsuccess, onfail) {
$.ajax( {
type: "POST",
diff --git a/lib/toaster/toastergui/templates/managed_mrb_section.html b/lib/toaster/toastergui/templates/managed_mrb_section.html
index 08bb05d..d6e32f8 100644
--- a/lib/toaster/toastergui/templates/managed_mrb_section.html
+++ b/lib/toaster/toastergui/templates/managed_mrb_section.html
@@ -156,6 +156,7 @@
<script>
+/* ensure csrf cookie exists {% csrf_token %} */
function _makeXHRBuildCall(url, data, onsuccess, onfail) {
$.ajax( {
type: "POST",
diff --git a/lib/toaster/toastergui/templates/projectconf.html b/lib/toaster/toastergui/templates/projectconf.html
index 9cacce4..dde8a11 100644
--- a/lib/toaster/toastergui/templates/projectconf.html
+++ b/lib/toaster/toastergui/templates/projectconf.html
@@ -429,6 +429,7 @@
// re-assert the event handlers
}
+ /* ensure cookie exists {% csrf_token %} */
function postEditAjaxRequest(reqdata) {
var ajax = $.ajax({
type:"POST",
diff --git a/lib/toaster/toastergui/templates/targets.html b/lib/toaster/toastergui/templates/targets.html
index 234159a..690c6a5 100644
--- a/lib/toaster/toastergui/templates/targets.html
+++ b/lib/toaster/toastergui/templates/targets.html
@@ -120,6 +120,7 @@
var tooltipUpdateText;
+/* ensure csrf cookie exists {% csrf_token %} */
function _makeXHREditCall(data, onsuccess, onfail) {
$.ajax( {
type: "POST",
--
1.9.1
More information about the bitbake-devel
mailing list