Merge pull request #110 from edx/csrftoken-fix

Updated CSRF cookie name in JS

Merge pull request #110 from edx/csrftoken-fix
Updated CSRF cookie name in JS
6f75bd05 · Clinton Blackburn · 233d71b9 · d8a315f5 · 6f75bd05 · 6f75bd05
Commit 6f75bd05 authored May 21, 2015 by Clinton Blackburn
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 11 deletions

ecommerce/settings/base.py
+9 -0

ecommerce/settings/local.py
+0 -9

ecommerce/static/oscar/js/order_list.js
+1 -1

ecommerce/static/oscar/js/refund_list.js
+1 -1

No files found.
--- a/ecommerce/settings/base.py
+++ b/ecommerce/settings/base.py
@@ -399,3 +399,12 @@ REST_FRAMEWORK = {
 # Resolving deprecation warning
 TEST_RUNNER = 'django.test.runner.DiscoverRunner'
+# COOKIE CONFIGURATION
+# The purpose of customizing the cookie names is to avoid conflicts when
+# multiple Django services are running behind the same hostname.
+# Detailed information at: https://docs.djangoproject.com/en/dev/ref/settings/
+SESSION_COOKIE_NAME = 'ecommerce_sessionid'
+CSRF_COOKIE_NAME = 'ecommerce_csrftoken'
+LANGUAGE_COOKIE_NAME = 'ecommerce_language'
+# END COOKIE CONFIGURATION
--- a/ecommerce/settings/local.py
+++ b/ecommerce/settings/local.py
@@ -16,15 +16,6 @@ DEBUG = True
 TEMPLATE_DEBUG = DEBUG
 # END DEBUG CONFIGURATION
-# COOKIE CONFIGURATION
-# The purpose of customizing the cookie names is to avoid conflicts when
-# multiple Django services are running behind the same hostname.
-# Detailed information at: https://docs.djangoproject.com/en/dev/ref/settings/
-SESSION_COOKIE_NAME = 'ecommerce_sessionid'
-CSRF_COOKIE_NAME = 'ecommerce_csrftoken'
-LANGUAGE_COOKIE_NAME = 'ecommerce_language'
-# END COOKIE CONFIGURATION
 # EMAIL CONFIGURATION
 # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-backend
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

--- a/ecommerce/static/oscar/js/order_list.js
+++ b/ecommerce/static/oscar/js/order_list.js
@@ -12,7 +12,7 @@ $(document).ready(function () {
        $.ajax({
            url: '/api/v2/orders/' + order_number + '/fulfill/',
            method: 'PUT',
-            headers: {'X-CSRFToken': $.cookie('csrftoken')}
+            headers: {'X-CSRFToken': $.cookie('ecommerce_csrftoken')}
        }).success(function (data) {
            $('tr[data-order-number=' + order_number + '] .order-status').text(data.status);
            addMessage('alert-success', 'icon-check-sign', 'Order ' + order_number + ' has been fulfilled.');

--- a/ecommerce/static/oscar/js/refund_list.js
+++ b/ecommerce/static/oscar/js/refund_list.js
@@ -16,7 +16,7 @@ $(document).ready(function () {
            url: '/api/v2/refunds/' + refund_id + '/process/',
            data: { action: decision },
            method: 'PUT',
-            headers: {'X-CSRFToken': $.cookie('csrftoken')}
+            headers: {'X-CSRFToken': $.cookie('ecommerce_csrftoken')}
        }).success(function (data) {
            $('tr[data-refund-id=' + refund_id + '] .refund-status').text(data.status);
            addMessage('alert-success', 'icon-check-sign', 'Refund #' + refund_id + ' has been processed.');