Skip to content

Add AJAX headers option#1

Open
melvynhills wants to merge 1 commit into
eshq:masterfrom
melvynhills:master
Open

Add AJAX headers option#1
melvynhills wants to merge 1 commit into
eshq:masterfrom
melvynhills:master

Conversation

@melvynhills

Copy link
Copy Markdown

If an AJAX request is sent without proper CSRF token, Rails destroys current session.
This pull request adds an ajax_headers option to the ESHQ constructor.
This option must be a key:value object. Value can also be a function.

var eshq = new ESHQ("my-channel", {
  auth_url: "/live/connect",
  ajax_headers: {
    "X-CSRF-Token": function() {
      return $("meta[name='csrf-token']").attr("content");
    }
  }
});

Useful for "X-CSRF-Token" Rails header
@bittersweet

Copy link
Copy Markdown

b578c3c fixed this for me.

var token = $('meta[name="csrf-token"]').attr('content');
es_options = {
  auth_headers: {'X-CSRF-Token': token}
}
app.es = new ESHQ('channel', es_options);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants