Set up Django with CSRF protection when using require.js, backbone, and backbone-relational.

_base.html

<script>
// Include this template in your base Django template.

// I also define my backbone API urls here, using Django's url resolver: 
//var a_model_url = "{% url backbone:appname_modelname %}"; 

var csrf_token = "{{ csrf_token }}";
</script>

common.js

require.config({
    baseUrl: "/static/js",
    paths: {
        "backbone": "libs/backbone/backbone-min",
        "backbone-relational": "libs/backbone/backbone-relational",
        "underscore": "libs/underscore/underscore",
        "jquery": "libs/jquery/jquery-1.8.3",
    },
    shim: {
        'jquery-ui': {
            deps: ['jquery'],
        },
        'backbone-relational': {
            deps: ['backbone'],
            exports: 'Backbone'
        },
        'backbone': {
            deps: ['underscore', 'jquery'],
            exports: 'Backbone',
            init: function (underscore, jquery) {
                var oldSync = this.Backbone.sync;
                this.Backbone.sync = function(method, model, options) {
                    options.beforeSend = function(xhr){
                        xhr.setRequestHeader('X-CSRFToken', window.csrf_token);
                    };
                    return oldSync(method, model, options);
                };
            }
        },
        'underscore': {
            exports: '_'
        }
    },
});