cheeming/csrf_ajax.js

## csrf_ajax.js
_getCookie = null;

$(function () {
    // *** CSRF starts
    // ref: https://docs.djangoproject.com/en/1.6/ref/contrib/csrf/#ajax
    // ----------------------------------------------------
    function getCookie(name) {
        var cookieValue = null;
        if (document.cookie && document.cookie != '') {
            var cookies = document.cookie.split(';');
            for (var i = 0; i < cookies.length; i++) {
                var cookie = jQuery.trim(cookies[i]);
                // Does this cookie string begin with the name we want?
                if (cookie.substring(0, name.length + 1) == (name + '=')) {
                    cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                    break;
                }
            }
        }
        if (cookieValue == null) {
            cookieValue = $('#form-csrftoken input[name=csrfmiddlewaretoken]').val();
        }
        return cookieValue;
    }
    _getCookie = getCookie;

    function csrfSafeMethod(method) {
        // these HTTP methods do not require CSRF protection
        return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
    }

    var csrftoken = getCookie("csrftoken");

    $.ajaxSetup({
        beforeSend: function (xhr, settings) {
            if (!csrfSafeMethod(settings.type) && !this.crossDomain) {
                // Send the token to same-origin, relative URLs only.
                // Send the token only if the method warrants CSRF protection
                // Using the CSRFToken value acquired earlier
                xhr.setRequestHeader("X-CSRFToken", csrftoken);
            }
        }
    });
    // --------------------------------------------- CSRF ends ***
});
	_getCookie = null;

	$(function () {
	// *** CSRF starts
	// ref: https://docs.djangoproject.com/en/1.6/ref/contrib/csrf/#ajax
	// ----------------------------------------------------
	function getCookie(name) {
	var cookieValue = null;
	if (document.cookie && document.cookie != '') {
	var cookies = document.cookie.split(';');
	for (var i = 0; i < cookies.length; i++) {
	var cookie = jQuery.trim(cookies[i]);
	// Does this cookie string begin with the name we want?
	if (cookie.substring(0, name.length + 1) == (name + '=')) {
	cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
	break;
	}
	}
	}
	if (cookieValue == null) {
	cookieValue = $('#form-csrftoken input[name=csrfmiddlewaretoken]').val();
	}
	return cookieValue;
	}
	_getCookie = getCookie;

	function csrfSafeMethod(method) {
	// these HTTP methods do not require CSRF protection
	return (/^(GET\|HEAD\|OPTIONS\|TRACE)$/.test(method));
	}

	var csrftoken = getCookie("csrftoken");

	$.ajaxSetup({
	beforeSend: function (xhr, settings) {
	if (!csrfSafeMethod(settings.type) && !this.crossDomain) {
	// Send the token to same-origin, relative URLs only.
	// Send the token only if the method warrants CSRF protection
	// Using the CSRFToken value acquired earlier
	xhr.setRequestHeader("X-CSRFToken", csrftoken);
	}
	}
	});
	// --------------------------------------------- CSRF ends ***
	});