diff --git a/app/views/layouts/base_users.html.erb b/app/views/layouts/base_users.html.erb index 1e0811039..32c4c3755 100644 --- a/app/views/layouts/base_users.html.erb +++ b/app/views/layouts/base_users.html.erb @@ -30,6 +30,7 @@ $.ajax({ url: '<%= update_score_user_path(:format => 'js') %>', type: 'get', + beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content'))}, data: 'id=<%= @user.id %>', remote: true }) ; diff --git a/public/javascripts/application.js b/public/javascripts/application.js index fcc2455f9..2fb50528f 100644 --- a/public/javascripts/application.js +++ b/public/javascripts/application.js @@ -457,7 +457,6 @@ function randomKey(size) { function updateIssueFrom(url) { $.ajax({ url: url, - beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content'))}, type: 'post', data: $('#issue-form').serialize() }); @@ -466,7 +465,6 @@ function updateIssueFrom(url) { function updateBulkEditFrom(url) { $.ajax({ url: url, - beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content'))}, type: 'post', data: $('#bulk_edit_form').serialize() }); @@ -545,7 +543,6 @@ function initMyPageSortable(list, url) { $.ajax({ url: url, type: 'post', - beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content'))}, data: {'blocks': $.map($('#list-'+list).children(), function(el){return $(el).attr('id');})} }); }