kallithea Changeset - 569199be3475

Changeset - 569199be3475

Parent rev.

Child rev.

[Not reviewed]

default

0 3 0

Mads Kiilerich - 11 years ago 2015-04-07 03:30:05
madski@unity3d.com

javascript: provide secure_form compatible_authentication_token in all AJAX POSTs

_authentication_token is introduced as a global javascript variable. That seems
less ugly than passing it through as parameter everywhere ... and the token
really _is_ a global thing.

3 files changed with 6 insertions and 2 deletions:

kallithea/lib/helpers.py

kallithea/public/js/base.js

kallithea/templates/base/root.html

0 comments (0 inline, 0 general)

kallithea/lib/helpers.py

➞

Show inline comments

@@ @@ -43,7 +43,7 @@ from webhelpers.html.tools import auto_l @@
     js_obfuscate, mail_to, strip_links, strip_tags, tag_re
 from webhelpers.number import format_byte_size, format_bit_size
 from webhelpers.pylonslib import Flash as _Flash
 from webhelpers.pylonslib.secure_form import secure_form as form
+from webhelpers.pylonslib.secure_form import secure_form as form, authentication_token
 from webhelpers.text import chop_at, collapse, convert_accented_entities, \
     convert_misc_entities, lchop, plural, rchop, remove_formatting, \
     replace_whitespace, urlify, truncate, wrap_paragraphs

kallithea/public/js/base.js

➞

Show inline comments

@@ @@ -391,6 +391,7 @@ var ajaxGET = function(url,success) { @@
 };
 var ajaxPOST = function(url, postData, success, failure) {
     postData['_authentication_token'] = _authentication_token;
     var postData = _toQueryString(postData);
     if(failure === undefined) {
         failure = function(jqXHR, textStatus, errorThrown) {
@@ @@ -460,6 +461,7 @@ var _onSuccessFollow = function(target){ @@
 var toggleFollowingRepo = function(target, follows_repo_id){
     var args = 'follows_repo_id=' + follows_repo_id;
     args += '&amp;_authentication_token=' + _authentication_token;
     $.post(TOGGLE_FOLLOW_URL, args, function(data){
             _onSuccessFollow(target);
         });
@@ @@ -467,7 +469,7 @@ var toggleFollowingRepo = function(targe @@
 };
 var showRepoSize = function(target, repo_name){
     var args = '';
+    var args = '_authentication_token=' + _authentication_token;
     if(!$("#" + target).hasClass('loaded')){
         $("#" + target).html(_TM['Loading ...']);

kallithea/templates/base/root.html

➞

Show inline comments

@@ @@ -55,6 +55,8 @@ @@
             %if hasattr(c, 'repo_name'):
                 var REPO_NAME = "${c.repo_name}";
             %endif
             var _authentication_token = "${h.authentication_token()}";
         </script>
         <script type="text/javascript" src="${h.url('/js/yui.2.9.js', ver=c.kallithea_version)}"></script>
         <script type="text/javascript" src="${h.url('/js/jquery-1.11.1.min.js', ver=c.kallithea_version)}"></script>

0 comments (0 inline, 0 general)