Keegan McAllister 6f2bbe5917 Set and check csrf_token for #reload ...

Fixes a message forgery bug (#335).

This works because Django will not generate a new CSRF token if a valid token
cookie is already present (see django/middleware/csrf.py).

(imported from commit 23222cb0bb62ae8a2f8ac7fb3f24bbc866103454)

2012-11-14 13:35:24 -05:00

..

common.js

Module pattern for compose.js

2012-10-18 15:11:25 -04:00

compose.js

Unify huddles and personals into private messages on the send path

2012-11-13 15:40:53 -05:00

composebox_typeahead.js

Make enter not submit the form in private message compose box

2012-11-14 10:27:52 -05:00

debug.js

Update comment in debug.js

2012-10-29 23:21:00 -04:00

hotkey.js

Make escape close just the open typeahead on Firefox, not the compose

2012-11-13 16:15:43 -05:00

narrow.js

Be case-insensitive about subjects when collapsing and narrowing.

2012-11-07 14:51:51 -05:00

reload.js

Set and check csrf_token for #reload

2012-11-14 13:35:24 -05:00

rows.js

Return an int from rows.id

2012-11-07 11:51:03 -05:00

search.js

search_button_handler: Remove unnecessary id lookup

2012-11-07 11:51:03 -05:00

setup.js

Make csrf_token global

2012-11-14 13:35:24 -05:00

signup.js

Document the selctors in signup.js per trac #327

2012-11-09 15:03:08 -05:00

subs.js

Rename parameter for clarity

2012-11-09 18:08:31 -05:00

ui.js

Unify huddles and personals into private messages on the send path

2012-11-13 15:40:53 -05:00

zephyr.js

Fix the "load more" button disappearing after the first time it's clicked

2012-11-14 13:01:28 -05:00