diff options
| author |   Alexandru DAMIAN <alexandru.damian@intel.com> | 2015-02-26 21:41:59 +0000 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-02-27 07:35:09 +0000 |
| commit | 6b2403992f1f5f84114ec9b243813957ff907051 (patch) | |
| tree | 599626ba10bcc385acaa9e5724d52f53aaee57e7 | |
| parent | 90231ab63a129fa344d461c2911898ea0f07f206 (diff) | |
| download | bitbake-6b2403992f1f5f84114ec9b243813957ff907051.tar.gz | |
toastergui: add csrf tokens for AJAX calls
This patch adds CSRF tokens in pages using AJAX calls in
order to force Django to generate the CSRF cookie used to
authenticate the call.
Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 files changed, 4 insertions, 0 deletions
diff --git a/lib/toaster/toastergui/templates/layers.html b/lib/toaster/toastergui/templates/layers.html index 5cfda5b52..864e15683 100644 --- a/lib/toaster/toastergui/templates/layers.html +++ b/lib/toaster/toastergui/templates/layers.html @@ -117,6 +117,7 @@ var tooltipUpdateText; +/* ensure csrf cookie exists {% csrf_token %} */ function _makeXHREditCall(data, onsuccess, onfail) { $.ajax( { type: "POST", diff --git a/lib/toaster/toastergui/templates/managed_mrb_section.html b/lib/toaster/toastergui/templates/managed_mrb_section.html index 08bb05d97..d6e32f89c 100644 --- a/lib/toaster/toastergui/templates/managed_mrb_section.html +++ b/lib/toaster/toastergui/templates/managed_mrb_section.html @@ -156,6 +156,7 @@ <script> +/* ensure csrf cookie exists {% csrf_token %} */ function _makeXHRBuildCall(url, data, onsuccess, onfail) { $.ajax( { type: "POST", diff --git a/lib/toaster/toastergui/templates/projectconf.html b/lib/toaster/toastergui/templates/projectconf.html index 9cacce42d..dde8a115c 100644 --- a/lib/toaster/toastergui/templates/projectconf.html +++ b/lib/toaster/toastergui/templates/projectconf.html @@ -429,6 +429,7 @@ // re-assert the event handlers } + /* ensure cookie exists {% csrf_token %} */ function postEditAjaxRequest(reqdata) { var ajax = $.ajax({ type:"POST", diff --git a/lib/toaster/toastergui/templates/targets.html b/lib/toaster/toastergui/templates/targets.html index 234159a68..690c6a5d3 100644 --- a/lib/toaster/toastergui/templates/targets.html +++ b/lib/toaster/toastergui/templates/targets.html @@ -120,6 +120,7 @@ var tooltipUpdateText; +/* ensure csrf cookie exists {% csrf_token %} */ function _makeXHREditCall(data, onsuccess, onfail) { $.ajax( { type: "POST", |