2007-02-13 16:55:26 +01:00
|
|
|
// Place your application-specific JavaScript functions and classes here
|
|
|
|
// This file is automatically included by javascript_include_tag :defaults
|
2007-03-09 05:35:49 +01:00
|
|
|
function toggleView(id)
|
|
|
|
{
|
|
|
|
(document.getElementById(id).style.display == 'block') ? document.getElementById(id).style.display='none' : document.getElementById(id).style.display='block';
|
|
|
|
}
|
|
|
|
|
2011-02-19 06:36:23 +01:00
|
|
|
/*
|
|
|
|
* Registers a callback which copies the csrf token into the
|
|
|
|
* X-CSRF-Token header with each ajax request. Necessary to
|
|
|
|
* work with rails applications which have fixed
|
|
|
|
* CVE-2011-0447
|
|
|
|
*/
|
|
|
|
|
|
|
|
Ajax.Responders.register({
|
|
|
|
onCreate: function(request) {
|
|
|
|
var csrf_meta_tag = $$('meta[name=csrf-token]')[0];
|
|
|
|
|
|
|
|
if (csrf_meta_tag) {
|
|
|
|
var header = 'X-CSRF-Token',
|
|
|
|
token = csrf_meta_tag.readAttribute('content');
|
|
|
|
|
|
|
|
if (!request.options.requestHeaders) {
|
|
|
|
request.options.requestHeaders = {};
|
|
|
|
}
|
|
|
|
request.options.requestHeaders[header] = token;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|