Merge pull request #3946 in SW/shopware from sw-15922/5.2/simplify-cs…

…rf-protection to 5.2 * commit 'bc1352bf44d5e2d53b8c213fc15867478f2253d5': SW-15922 - Simplify CSRF protection jQuery implementation
shopware5 · Aug 10, 2016 · 033c43a · 033c43a
2 parents 73c58d8 + bc1352b
commit 033c43a
Showing 1 changed file with 27 additions and 6 deletions.
diff --git a/themes/Frontend/Responsive/frontend/_public/src/js/jquery.csrf-protection.js b/themes/Frontend/Responsive/frontend/_public/src/js/jquery.csrf-protection.js
@@ -108,16 +108,37 @@
         },
 
         /**
-         * Modify every ajax request to add the X-CSRF-Token header
+         * Registers handlers before sending an AJAX request & after it is completed.
          */
         setupAjax: function() {
-            var me = this,
-                token = me.getToken();
+            var me = this;
+
+            $(document).ajaxSend($.proxy(me._ajaxBeforeSend, me));
+            $(document).ajaxComplete($.proxy(me._ajaxAfterSend, me));
 
-            $.ajaxSettings.headers = $.ajaxSettings.headers || {};
-            $.ajaxSettings.headers['X-CSRF-Token'] = token;
+            $.publish('plugin/swCsrfProtection/setupAjax', [ me, me.getToken() ]);
+        },
+
+        /**
+         * Update all forms in case a callback has replaced html parts and needs to be rebound
+         *
+         * @private
+         */
+        _ajaxAfterSend: function() {
+            window.setTimeout(function() {
+                this.updateForms();
+            }.bind(this), 1);
+        },
 
-            $.publish('plugin/swCsrfProtection/setupAjax', [ this, token ]);
+        /**
+         * Append X-CSRF-Token header to every request
+         *
+         * @param event
+         * @param request
+         * @private
+         */
+        _ajaxBeforeSend: function(event, request) {
+            request.setRequestHeader('X-CSRF-Token', this.getToken());
         },
 
         /**