Reject referers that do not include an absolute path

[rails.git] / app / assets / javascripts / oauth.js

diff --git a/app/assets/javascripts/oauth.js b/app/assets/javascripts/oauth.js
index 98ce302e105925de575198d60624de4ce2013443..d688590b05c0ce0ed8e6bbb25f307b3e2a32177f 100644 (file)
--- a/app/assets/javascripts/oauth.js
+++ b/app/assets/javascripts/oauth.js
@@ -1,21 +1,23 @@
-//= require ohauth
+//= require ohauth/ohauth
 
 $(document).ready(function () {
+  var application_data = $("head").data();
+
   function makeAbsolute(url) {
-    var a = document.createElement('a');
+    var a = document.createElement("a");
     a.href = url;
     return a.href;
   }
 
-  if (OSM.oauth_token) {
+  if (application_data.token) {
     var headerGenerator = window.ohauth.headerGenerator({
-      consumer_key: OSM.oauth_consumer_key,
-      consumer_secret: OSM.oauth_consumer_secret,
-      token: OSM.oauth_token,
-      token_secret: OSM.oauth_token_secret
+      consumer_key: application_data.consumerKey,
+      consumer_secret: application_data.consumerSecret,
+      token: application_data.token,
+      token_secret: application_data.tokenSecret
     });
 
-    $.ajaxPrefilter(function(options, jqxhr) {
+    $.ajaxPrefilter(function (options, jqxhr) {
       if (options.oauth) {
         options.headers = options.headers || {};
         options.headers.Authorization = headerGenerator(options.type, makeAbsolute(options.url), jqxhr.data);