Merge branch 'develop'

Adds custom CSRF_COOKIE_NAME support.

README.md

@@ -2,7 +2,7 @@
 
 [![Build Status](https://travis-ci.org/iambrandontaylor/django-admin-sortable.svg?branch=master)](https://travis-ci.org/iambrandontaylor/django-admin-sortable)
 
-Current version: 2.0.10
+Current version: 2.0.11
 
 This project makes it easy to add drag-and-drop ordering to any model in
 Django admin. Inlines for a sortable model may also be made sortable,
@@ -497,8 +497,8 @@ ordering on top of that just seemed a little much in my opinion.
 django-admin-sortable is currently used in production.
 
 
-### What's new in 2.0.10?
+### What's new in 2.0.11?
-- Bugfix for accessing custom `order` property of model. Thanks [@theithec](https://github.com/theithec) for reporting the issue.
+- Custom [CSRF_COOKIE_NAME](https://docs.djangoproject.com/en/1.9/ref/settings/#csrf-cookie-name) is now supported. Thanks [@BUHARDI](https://github.com/BUHARDI) for reporting the issue.
 
 
 ### Future

README.rst

@@ -3,7 +3,7 @@ Django Admin Sortable
 
 |Build Status|
 
-Current version: 2.0.10
+Current version: 2.0.11
 
 This project makes it easy to add drag-and-drop ordering to any model in
 Django admin. Inlines for a sortable model may also be made sortable,
@@ -609,11 +609,13 @@ Status
 
 django-admin-sortable is currently used in production.
 
-What's new in 2.0.10?
+What's new in 2.0.11?
 ~~~~~~~~~~~~~~~~~~~~~
 
--  Bugfix for accessing custom ``order`` property of model. Thanks
+-  Custom
-   [@theithec](https://github.com/theithec) for reporting the issue.
+   `CSRF\_COOKIE\_NAME <https://docs.djangoproject.com/en/1.9/ref/settings/#csrf-cookie-name>`__
+   is now supported. Thanks [@BUHARDI](https://github.com/BUHARDI) for
+   reporting the issue.
 
 Future
 ~~~~~~

adminsortable/__init__.py

@@ -1,4 +1,4 @@
-VERSION = (2, 0, 10)
+VERSION = (2, 0, 11)
 DEV_N = None
 
 

adminsortable/admin.py

@@ -215,7 +215,8 @@ class SortableAdmin(SortableAdminBase, ModelAdmin):
             'sortable_by_class': sortable_by_class,
             'sortable_by_class_is_sortable': sortable_by_class_is_sortable,
             'sortable_by_class_display_name': sortable_by_class_display_name,
-            'jquery_lib_path': jquery_lib_path
+            'jquery_lib_path': jquery_lib_path,
+            'csrf_cookie_name': getattr(settings, 'CSRF_COOKIE_NAME', 'csrftoken')
         }
         return render(request, self.sortable_change_list_template, context)
 

adminsortable/static/adminsortable/js/jquery.django-csrf.js

@@ -1,32 +0,0 @@
-// using jQuery
-function getCookie(name) {
-    var cookieValue = null;
-    if (document.cookie && document.cookie !== '') {
-        var cookies = document.cookie.split(';');
-        for (var i = 0; i < cookies.length; i++) {
-            var cookie = django.jQuery.trim(cookies[i]);
-            // Does this cookie string begin with the name we want?
-            if (cookie.substring(0, name.length + 1) === (name + '=')) {
-                cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
-                break;
-            }
-        }
-    }
-    return cookieValue;
-}
-
-var csrftoken = getCookie('csrftoken');
-
-function csrfSafeMethod(method) {
-    // these HTTP methods do not require CSRF protection
-    return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
-}
-
-django.jQuery.ajaxSetup({
-    crossDomain: false, // obviates need for sameOrigin test
-    beforeSend: function(xhr, settings) {
-        if (!csrfSafeMethod(settings.type)) {
-            xhr.setRequestHeader("X-CSRFToken", csrftoken);
-        }
-    }
-});

adminsortable/templates/adminsortable/change_form.html

@@ -8,7 +8,7 @@
 
     {% if has_sortable_tabular_inlines or has_sortable_stacked_inlines %}
         <script type="text/javascript" src="{% static 'adminsortable/js/jquery-ui-django-admin.min.js' %}"></script>
-        <script type="text/javascript" src="{% static 'adminsortable/js/jquery.django-csrf.js' %}"></script>
+        {% include 'adminsortable/csrf/jquery.django-csrf.html' with csrf_cookie_name=csrf_cookie_name %}
     {% endif %}
 
     {% if has_sortable_tabular_inlines %}

adminsortable/templates/adminsortable/change_list.html

@@ -13,7 +13,7 @@
     <script src="{% static jquery_lib_path %}"></script>
     <script src="{% static 'admin/js/jquery.init.js' %}"></script>
 	<script src="{% static 'adminsortable/js/jquery-ui-django-admin.min.js' %}"></script>
-    <script src="{% static 'adminsortable/js/jquery.django-csrf.js' %}"></script>
+    {% include 'adminsortable/csrf/jquery.django-csrf.html' with csrf_cookie_name=csrf_cookie_name %}
     <script src="{% static 'adminsortable/js/admin.sortable.js' %}"></script>
 {% endblock %}
 

adminsortable/templates/adminsortable/csrf/jquery.django-csrf.html

@@ -0,0 +1,34 @@
+<script>
+    // using jQuery
+    function getCookie(name) {
+        var cookieValue = null;
+        if (document.cookie && document.cookie !== '') {
+            var cookies = document.cookie.split(';');
+            for (var i = 0; i < cookies.length; i++) {
+                var cookie = django.jQuery.trim(cookies[i]);
+                // Does this cookie string begin with the name we want?
+                if (cookie.substring(0, name.length + 1) === (name + '=')) {
+                    cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
+                    break;
+                }
+            }
+        }
+        return cookieValue;
+    }
+
+    var csrftoken = getCookie('{{ csrf_cookie_name }}');
+
+    function csrfSafeMethod(method) {
+        // these HTTP methods do not require CSRF protection
+        return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
+    }
+
+    django.jQuery.ajaxSetup({
+        crossDomain: false, // obviates need for sameOrigin test
+        beforeSend: function(xhr, settings) {
+            if (!csrfSafeMethod(settings.type)) {
+                xhr.setRequestHeader("X-CSRFToken", csrftoken);
+            }
+        }
+    });
+</script>