/*!
 * jQuery CSRF token @VERSION
 *
 * Copyright (c) 2011 excentrics.ru
 * Dual licensed under the MIT (MIT-LICENSE.txt)
 * and GPL (GPL-LICENSE.txt) licenses.
 *
 * Author: Yarovoy Artem (yarovoy at excentrics dot ru)
 *
 * http://www.excentrics.ru
 */

(function($){
	
	/*
	 * While the above method can be used for AJAX POST requests, it has some inconveniences: 
	 * you have to remember to pass the CSRF token in as POST data with every POST request. 
	 * For this reason, there is an alternative method: on each XMLHttpRequest, 
	 * set a custom X-CSRFToken header to the value of the CSRF token. 
	 * This is often easier, because many javascript frameworks provide 
	 * hooks that allow headers to be set on every request.
	 * 
	 */
	$('html').ajaxSend(function(event, xhr, settings) {
		function getCookie(name) {
			var cookieValue = null;
			if (document.cookie && document.cookie != '') {
				var cookies = document.cookie.split(';');
				for (var i = 0; i < cookies.length; i++) {
					var cookie = jQuery.trim(cookies[i]);
					// Does this cookie string begin with the name we want?
					if (cookie.substring(0, name.length + 1) == (name + '=')) {
						cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
						break;
					}
				}
			}
			return cookieValue;
		}
		if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
			// Only send the token to relative URLs i.e. locally.
			xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
		}
	});	

})(jQuery);