Send csrf header for ajax requests

Author: sigurdga

fileupload/static/js/csrf.js

@@ -0,0 +1,22 @@
+// modify jquery ajax to add csrtoken when doing "local" requests
+$('html').ajaxSend(function(event, xhr, settings) {
+    function getCookie(name) {
+        var cookieValue = null;
+        if (document.cookie && document.cookie != '') {
+            var cookies = document.cookie.split(';');
+            for (var i = 0; i < cookies.length; i++) {
+                var cookie = jQuery.trim(cookies[i]);
+                // Does this cookie string begin with the name we want?
+                if (cookie.substring(0, name.length + 1) == (name + '=')) {
+                    cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
+                    break;
+                }
+            }
+        }
+        return cookieValue;
+    }
+    if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
+        // Only send the token to relative URLs i.e. locally.
+        xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
+    }
+});

fileupload/templates/fileupload/picture_form.html

@@ -84,4 +84,5 @@ <h3 class="modal-title"></h3>
 <script src="{{ STATIC_URL }}js/jquery.fileupload-ui.js"></script>
 <script src="{{ STATIC_URL }}js/locale.js"></script>
 <script src="{{ STATIC_URL }}js/main.js"></script>
+<script src="{{ STATIC_URL }}js/csrf.js"></script>
 {% endblock %}