php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-20 16:38:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Enable CSRF validation by default.

Browse Source
This commit is contained in:
Qiang Xue
2013-09-20 15:04:28 -04:00
parent 41f7a7d243
commit 3acca93ad3
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
framework/yii/assets/yii.js
View File

@@ -163,6 +163,12 @@ yii = (function ($) {
init: function () {
var $document = $(document);
$.ajaxPrefilter(function (options, originalOptions, xhr) {
if (!options.crossDomain && pub.getCsrfVar()) {
xhr.setRequestHeader('X-CSRF-TOKEN', pub.getCsrfToken());
}
});
$document.on('click.yii', pub.clickableSelector, function (event) {
var $this = $(this);
if (pub.allowAction($this)) {