From 6768a3069da45b3512601d8361bf64f06ee11e6f Mon Sep 17 00:00:00 2001
From: Alexandru DAMIAN <alexandru.damian@intel.com>
Date: Thu, 26 Feb 2015 21:41:59 +0000
Subject: [PATCH] bitbake: toastergui: add csrf tokens for AJAX calls

This patch adds CSRF tokens in pages using AJAX calls in
order to force Django to generate the CSRF cookie used to
authenticate the call.

(Bitbake rev: 6b2403992f1f5f84114ec9b243813957ff907051)

Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 bitbake/lib/toaster/toastergui/templates/layers.html             | 1 +
 .../lib/toaster/toastergui/templates/managed_mrb_section.html    | 1 +
 bitbake/lib/toaster/toastergui/templates/projectconf.html        | 1 +
 bitbake/lib/toaster/toastergui/templates/targets.html            | 1 +
 4 files changed, 4 insertions(+)

diff --git a/bitbake/lib/toaster/toastergui/templates/layers.html b/bitbake/lib/toaster/toastergui/templates/layers.html
index 5cfda5b526..864e15683b 100644
--- a/bitbake/lib/toaster/toastergui/templates/layers.html
+++ b/bitbake/lib/toaster/toastergui/templates/layers.html
@@ -117,6 +117,7 @@
 
 var tooltipUpdateText;
 
+/* ensure csrf cookie exists {% csrf_token %} */
 function _makeXHREditCall(data, onsuccess, onfail) {
     $.ajax( {
         type: "POST",
diff --git a/bitbake/lib/toaster/toastergui/templates/managed_mrb_section.html b/bitbake/lib/toaster/toastergui/templates/managed_mrb_section.html
index 08bb05d97b..d6e32f89ce 100644
--- a/bitbake/lib/toaster/toastergui/templates/managed_mrb_section.html
+++ b/bitbake/lib/toaster/toastergui/templates/managed_mrb_section.html
@@ -156,6 +156,7 @@
 
 <script>
 
+/* ensure csrf cookie exists {% csrf_token %} */
 function _makeXHRBuildCall(url, data, onsuccess, onfail) {
     $.ajax( {
         type: "POST",
diff --git a/bitbake/lib/toaster/toastergui/templates/projectconf.html b/bitbake/lib/toaster/toastergui/templates/projectconf.html
index 9cacce42d8..dde8a115c2 100644
--- a/bitbake/lib/toaster/toastergui/templates/projectconf.html
+++ b/bitbake/lib/toaster/toastergui/templates/projectconf.html
@@ -429,6 +429,7 @@
             // re-assert the event handlers
         }
 
+	/* ensure cookie exists {% csrf_token %} */
         function postEditAjaxRequest(reqdata) {
             var ajax = $.ajax({
                     type:"POST",
diff --git a/bitbake/lib/toaster/toastergui/templates/targets.html b/bitbake/lib/toaster/toastergui/templates/targets.html
index 234159a687..690c6a5d36 100644
--- a/bitbake/lib/toaster/toastergui/templates/targets.html
+++ b/bitbake/lib/toaster/toastergui/templates/targets.html
@@ -120,6 +120,7 @@
 
 var tooltipUpdateText;
 
+/* ensure csrf cookie exists {% csrf_token %} */
 function _makeXHREditCall(data, onsuccess, onfail) {
     $.ajax( {
         type: "POST",