refs #3359 use POST instead of GET requests / do not send token_auth within query strings

git-svn-id: http://dev.piwik.org/svn/trunk@7309 59fd770c-687e-43c8-a1e3-f5a4ff64c105
author: sgiehl <stefangiehl@gmail.com> 2012-10-25 17:48:41 +0400
committer: sgiehl <stefangiehl@gmail.com> 2012-10-25 17:48:41 +0400
commit: 27fbfa582c545f86235c474c92f10c2e9469b5c4 (patch)
tree: 5f5b5faa9c2928b278e5b298107366bd8d1a03a8 /plugins
parent: deb85141dd1e21e7480bac0c5e1167ab058b437f (diff)
7 files changed, 30 insertions, 15 deletions
diff --git a/plugins/CoreHome/templates/broadcast.js b/plugins/CoreHome/templates/broadcast.js
index a7f7a1d693..557b2f9c87 100644
--- a/plugins/CoreHome/templates/broadcast.js
+++ b/plugins/CoreHome/templates/broadcast.js
@@ -366,7 +366,7 @@ var broadcast = {
             }
         }
         var ajaxRequest = {
-            type: 'GET',
+            type: 'POST',
             url: urlAjax,
             dataType: 'html',
             async: true,
diff --git a/plugins/CoreHome/templates/datatable.js b/plugins/CoreHome/templates/datatable.js
index b82cf22d60..872023029c 100644
--- a/plugins/CoreHome/templates/datatable.js
+++ b/plugins/CoreHome/templates/datatable.js
@@ -128,7 +128,7 @@ dataTable.prototype =
 		//prepare the ajax request
 		var ajaxRequest = 
 		{
-			type: 'GET',
+			type: 'POST',
 			url: 'index.php',
 			dataType: 'html',
 			async: true,
diff --git a/plugins/Dashboard/templates/dashboardObject.js b/plugins/Dashboard/templates/dashboardObject.js
index 75dec3971a..b38c12f813 100644
--- a/plugins/Dashboard/templates/dashboardObject.js
+++ b/plugins/Dashboard/templates/dashboardObject.js
@@ -157,12 +157,16 @@
             var ajaxRequest =
             {
                 type: 'POST',
-                url: 'index.php?module=Dashboard&action=resetLayout&token_auth='+piwik.token_auth,
+                url: 'index.php?module=Dashboard&action=resetLayout',
                 dataType: 'html',
                 async: false,
                 error: piwikHelper.ajaxHandleError,
                 success: function() { methods.loadDashboard.apply(this, [dashboardId])},
-                data: { "idDashboard": dashboardId, "idSite": piwik.idSite }
+                data: {
+                    token_auth: piwik.token_auth,
+                    idDashboard: dashboardId,
+                    idSite: piwik.idSite
+                }
             };
             piwikHelper.showAjaxLoading();
             $.ajax(ajaxRequest);
@@ -228,7 +232,7 @@
         piwikHelper.abortQueueAjax();
         var ajaxRequest =
         {
-            type: 'GET',
+            type: 'POST',
             url: 'index.php?module=Dashboard&action=getDashboardLayout',
             dataType: 'json',
             async: true,
@@ -409,7 +413,10 @@
         var ajaxRequest =
         {
             type: 'POST',
-            url: 'index.php?module=Dashboard&action=getAllDashboards&token_auth='+piwik.token_auth,
+            url: 'index.php?module=Dashboard&action=getAllDashboards',
+            data: {
+                token_auth: piwik.token_auth
+            },
             dataType: 'json',
             async: true,
             success: function(dashboards) {
@@ -481,7 +488,7 @@
             var ajaxRequest =
             {
                 type: 'POST',
-                url: 'index.php?module=Dashboard&action='+action+'&token_auth='+piwik.token_auth,
+                url: 'index.php?module=Dashboard&action='+action,
                 dataType: 'html',
                 async: true,
                 success: function() {
@@ -492,6 +499,7 @@
                 },
                 error: piwikHelper.ajaxHandleError,
                 data: {
+                    token_auth: piwik.token_auth,
                     layout: JSON.stringify(dashboardLayout),
                     name: dashboardName,
                     idDashboard: dashboardId
@@ -511,7 +519,7 @@
         var ajaxRequest =
         {
             type: 'POST',
-            url: 'index.php?module=Dashboard&action=removeDashboard&token_auth='+piwik.token_auth,
+            url: 'index.php?module=Dashboard&action=removeDashboard',
             dataType: 'html',
             async: false,
             success: function() {
@@ -519,7 +527,8 @@
             },
             error: piwikHelper.ajaxHandleError,
             data: {
-                idDashboard: dashboardId
+                idDashboard: dashboardId,
+                token_auth: piwik.token_auth
             }
         };
         piwikHelper.showAjaxLoading();
diff --git a/plugins/Dashboard/templates/widgetMenu.js b/plugins/Dashboard/templates/widgetMenu.js
index 0735a92fda..5697c071be 100644
--- a/plugins/Dashboard/templates/widgetMenu.js
+++ b/plugins/Dashboard/templates/widgetMenu.js
@@ -19,8 +19,14 @@ widgetsHelper.getAvailableWidgets = function ()
     if(!widgetsHelper.availableWidgets) {
         var ajaxRequest =
         {
-            type: 'GET',
-            url: 'index.php?module=Dashboard&action=getAvailableWidgets&token_auth='+piwik.token_auth+'&idSite='+piwik.idSite,
+            type: 'POST',
+            url: 'index.php',
+            data: {
+                module: 'Dashboard',
+                action: 'getAvailableWidgets',
+                token_auth: piwik.token_auth,
+                idSite: piwik.idSite
+            },
             dataType: 'json',
             async: false,
             error: piwikHelper.ajaxHandleError,
@@ -88,7 +94,7 @@ widgetsHelper.getLoadWidgetAjaxRequest = function (widgetUniqueId, widgetParamet
     
 	return {
 		widgetUniqueId:widgetUniqueId,
-		type: 'GET',
+		type: 'POST',
 		url: 'index.php',
 		dataType: 'html',
 		async: true,
diff --git a/plugins/PrivacyManager/templates/privacySettings.js b/plugins/PrivacyManager/templates/privacySettings.js
index c276e59cd9..fa2c37b146 100644
--- a/plugins/PrivacyManager/templates/privacySettings.js
+++ b/plugins/PrivacyManager/templates/privacySettings.js
@@ -47,7 +47,7 @@ $(document).ready(function() {
 		}
 		
 		currentRequest = $.ajax({
-			type: 'GET',
+			type: 'POST',
 			url: 'index.php?module=PrivacyManager&action=getDatabaseSize',
 			dataType: 'html',
 			async: true,
diff --git a/plugins/SEO/templates/rank.js b/plugins/SEO/templates/rank.js
index 806dde55bf..a6fb602cdf 100644
--- a/plugins/SEO/templates/rank.js
+++ b/plugins/SEO/templates/rank.js
@@ -11,7 +11,7 @@ $(document).ready(function() {
 		piwikHelper.showAjaxLoading('ajaxLoadingSEO');
 		var ajaxRequest = 
 		{
-			type: 'GET',
+			type: 'POST',
 			url: 'index.php',
 			dataType: 'html',
 			error: piwikHelper.ajaxHandleError,		
diff --git a/plugins/UserCountry/templates/admin.js b/plugins/UserCountry/templates/admin.js
index b01d019c24..88ebf559df 100755
--- a/plugins/UserCountry/templates/admin.js
+++ b/plugins/UserCountry/templates/admin.js
@@ -49,7 +49,7 @@ $(document).ready(function() {
 		loading.show();
 		
 		$.ajax({
-			type: 'GET',
+			type: 'POST',
 			url: 'index.php',
 			data: {
 				module: 'UserCountry',
author	sgiehl <stefangiehl@gmail.com>	2012-10-25 17:48:41 +0400
committer	sgiehl <stefangiehl@gmail.com>	2012-10-25 17:48:41 +0400
commit	27fbfa582c545f86235c474c92f10c2e9469b5c4 (patch)
tree	5f5b5faa9c2928b278e5b298107366bd8d1a03a8 /plugins
parent	deb85141dd1e21e7480bac0c5e1167ab058b437f (diff)