Allow the embed page to be embedded in third party frames

[rails.git] / app / assets / javascripts / oauth.js

diff --git a/app/assets/javascripts/oauth.js b/app/assets/javascripts/oauth.js
index aac63f243fd40afd7a0ad7b322c81299778b29b6..411f7fc349194a599b39f6579559ef25a3b73841 100644 (file)
--- a/app/assets/javascripts/oauth.js
+++ b/app/assets/javascripts/oauth.js
@@ -1,18 +1,26 @@
 //= require ohauth
 
 $(document).ready(function () {
-  if (OSM.oauth_token) {
+  var application_data = $("head").data();
+
+  function makeAbsolute(url) {
+    var a = document.createElement("a");
+    a.href = url;
+    return a.href;
+  }
+
+  if (application_data.token) {
     var headerGenerator = window.ohauth.headerGenerator({
-      consumer_key: OSM.oauth_consumer_key,
-      consumer_secret: OSM.oauth_consumer_secret,
-      token: OSM.oauth_token,
-      token_secret: OSM.oauth_token_secret
+      consumer_key: application_data.consumerKey,
+      consumer_secret: application_data.consumerSecret,
+      token: application_data.token,
+      token_secret: application_data.tokenSecret
     });
 
-    $.ajaxPrefilter(function(options, jqxhr) {
+    $.ajaxPrefilter(function (options, jqxhr) {
       if (options.oauth) {
         options.headers = options.headers || {};
-        options.headers.Authorization = headerGenerator(options.type, options.url, jqxhr.data);
+        options.headers.Authorization = headerGenerator(options.type, makeAbsolute(options.url), jqxhr.data);
       }
     });
   }