Standardize access to CSRF token in JavaScript

author: Bryce Johnson <bryce@gitlab.com> 2017-09-21 20:53:28 +0300
committer: Phil Hughes <me@iamphill.com> 2017-09-21 20:53:28 +0300
commit: cca06da2e4c1e3bfef597994db8ceb72796b50b5 (patch)
tree: d2ad73329ab9c4ded1e8e373717f2e8816c0c1da /app/assets/javascripts/dropzone_input.js
parent: 6c0473ef6fa8255167eb26c288ac50af537cefbc (diff)
1 files changed, 3 insertions, 6 deletions
diff --git a/app/assets/javascripts/dropzone_input.js b/app/assets/javascripts/dropzone_input.js
index 975903159be..1cba65d17cd 100644
--- a/app/assets/javascripts/dropzone_input.js
+++ b/app/assets/javascripts/dropzone_input.js
@@ -2,6 +2,7 @@
 /* global Dropzone */
 import _ from 'underscore';
 import './preview_markdown';
+import csrf from './lib/utils/csrf';
 
 window.DropzoneInput = (function() {
   function DropzoneInput(form) {
@@ -50,9 +51,7 @@ window.DropzoneInput = (function() {
       paramName: 'file',
       maxFilesize: maxFileSize,
       uploadMultiple: false,
-      headers: {
-        'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
-      },
+      headers: csrf.headers,
       previewContainer: false,
       processing: function() {
         return $('.div-dropzone-alert').alert('close');
@@ -260,9 +259,7 @@ window.DropzoneInput = (function() {
         dataType: 'json',
         processData: false,
         contentType: false,
-        headers: {
-          'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
-        },
+        headers: csrf.headers,
         beforeSend: function() {
           showSpinner();
           return closeAlertMessage();
author	Bryce Johnson <bryce@gitlab.com>	2017-09-21 20:53:28 +0300
committer	Phil Hughes <me@iamphill.com>	2017-09-21 20:53:28 +0300
commit	cca06da2e4c1e3bfef597994db8ceb72796b50b5 (patch)
tree	d2ad73329ab9c4ded1e8e373717f2e8816c0c1da /app/assets/javascripts/dropzone_input.js
parent	6c0473ef6fa8255167eb26c288ac50af537cefbc (diff)