+/**\r
+ * We do not want the CSRF protection enabled for the AJAX post requests, it causes only trouble.\r
+ * Get the csrftoken cookie and pass it to the X-CSRFToken HTTP request property.\r
+ */\r
+$('html').ajaxSend(function(event, xhr, settings) {\r
+ function getCookie(name) {\r
+ var cookieValue = null;\r
+ if (document.cookie && document.cookie != '') {\r
+ var cookies = document.cookie.split(';');\r
+ for (var i = 0; i < cookies.length; i++) {\r
+ var cookie = jQuery.trim(cookies[i]);\r
+ // Does this cookie string begin with the name we want?\r
+ if (cookie.substring(0, name.length + 1) == (name + '=')) {\r
+ cookieValue = decodeURIComponent(cookie.substring(name.length + 1));\r
+ break;\r
+ }\r
+ }\r
+ }\r
+ return cookieValue;\r
+ }\r
+ if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {\r
+ // Only send the token to relative URLs i.e. locally.\r
+ xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));\r
+ }\r
+});\r
+\r