diff --git a/adminsortable/admin.py b/adminsortable/admin.py
index 99a7ddb..76d0ce0 100644
--- a/adminsortable/admin.py
+++ b/adminsortable/admin.py
@@ -230,7 +230,7 @@ class SortableAdmin(SortableAdminBase, ModelAdmin):
 'sortable_by_class_display_name': sortable_by_class_display_name,
 'jquery_lib_path': jquery_lib_path,
 'csrf_cookie_name': getattr(settings, 'CSRF_COOKIE_NAME', 'csrftoken'),
- 'csrf_header_name': getattr(settings, 'CSRF_HEADER_NAME', 'HTTP_X_CSRFTOKEN'),
+ 'csrf_header_name': getattr(settings, 'CSRF_HEADER_NAME', 'X-CSRFToken'),
 'after_sorting_js_callback_name': self.after_sorting_js_callback_name
 })
 return render(request, self.sortable_change_list_template, context)
@@ -255,7 +255,7 @@ class SortableAdmin(SortableAdminBase, ModelAdmin):
 'has_sortable_tabular_inlines': self.has_sortable_tabular_inlines,
 'has_sortable_stacked_inlines': self.has_sortable_stacked_inlines,
 'csrf_cookie_name': getattr(settings, 'CSRF_COOKIE_NAME', 'csrftoken'),
- 'csrf_header_name': getattr(settings, 'CSRF_HEADER_NAME', 'HTTP_X_CSRFTOKEN'),
+ 'csrf_header_name': getattr(settings, 'CSRF_HEADER_NAME', 'X-CSRFToken'),
 'after_sorting_js_callback_name': self.after_sorting_js_callback_name
 })
diff --git a/adminsortable/templates/adminsortable/admin.sortable.html b/adminsortable/templates/adminsortable/admin.sortable.html
index 15a42a1..dc55915 100644
--- a/adminsortable/templates/adminsortable/admin.sortable.html
+++ b/adminsortable/templates/adminsortable/admin.sortable.html
@@ -18,7 +18,7 @@
 $.ajax({
 url: ui.item.find('a.admin_sorting_url').attr('href'),
 type: 'POST',
- data: { indexes: indexes.join(',') },
+ data: { indexes: indexes.join(','), csrfmiddlewaretoken: window.csrftoken },
 success: function() {
 // set icons based on position
 lineItems.each(function(index, element) {
diff --git a/adminsortable/templates/adminsortable/change_list.html b/adminsortable/templates/adminsortable/change_list.html
index a965dbf..2cbbc34 100644
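Review bot: In adminsortable/admin.py the `csrf_header_name` entry in the -230 hunk (and the identical entry in the -255 hunk) still passes Django's `CSRF_HEADER_NAME` through unchanged; only the fallback string was switched to `X-CSRFToken`. Django defines that setting in `request.META` form (`HTTP_X_CSRFTOKEN` by default), so wherever the setting exists the new fallback is never used and the template still receives a META key rather than an HTTP header name. If the templates use this value as the AJAX request header (not visible in this diff), convert it before it goes into the context: `name = getattr(settings, 'CSRF_HEADER_NAME', 'HTTP_X_CSRFTOKEN')`, then `name = name[5:] if name.startswith('HTTP_') else name` and `'csrf_header_name': name.replace('_', '-')`. Since both context dicts need the same conversion, a small shared helper would keep them from drifting apart; the methods that build them start outside their hunks.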
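Review bot: `csrfmiddlewaretoken: window.csrftoken` in admin.sortable.html (and the same added line in the stacked and tabular inline templates) depends on a global that none of the visible hunks define, while this commit also removes `{% csrf_token %}` from change_list.html. If `window.csrftoken` is read from the CSRF cookie, it will be empty when `CSRF_COOKIE_HTTPONLY` or `CSRF_USE_SESSIONS` is enabled, and the sort POST then depends entirely on the header path; Django's documentation says to take the token from the rendered page in those configurations. Add a comment above the `$.ajax` call stating where the value comes from, for example `// window.csrftoken is set in <template or script that defines it>; must be non-empty before sorting`, and consider surfacing an error when it is missing instead of posting an empty token. The enclosing sort callback starts and ends outside each of these hunks.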
--- a/adminsortable/templates/adminsortable/change_list.html
+++ b/adminsortable/templates/adminsortable/change_list.html
@@ -107,7 +107,6 @@
 {% else %}
 {% include "adminsortable/shared/objects.html" %}
 {% endif %}
- {% csrf_token %}
 {% endif %}
diff --git a/adminsortable/templates/adminsortable/edit_inline/admin.sortable.stacked.inlines.html b/adminsortable/templates/adminsortable/edit_inline/admin.sortable.stacked.inlines.html
index f414272..eb100d7 100644
--- a/adminsortable/templates/adminsortable/edit_inline/admin.sortable.stacked.inlines.html
+++ b/adminsortable/templates/adminsortable/edit_inline/admin.sortable.stacked.inlines.html
@@ -39,7 +39,7 @@
 $.ajax({
 url: ui.item.parent().find(':hidden[name="admin_sorting_url"]').val(),
 type: 'POST',
- data: { indexes : indexes.join(',') },
+ data: { indexes : indexes.join(','), csrfmiddlewaretoken: window.csrftoken },
 success: function() {
 var fieldsets = ui.item.find('fieldset'),
 highlightedSelector = fieldsets.filter('.collapsed').length === fieldsets.length ? 'h3' : '.form-row',
diff --git a/adminsortable/templates/adminsortable/edit_inline/admin.sortable.tabular.inlines.html b/adminsortable/templates/adminsortable/edit_inline/admin.sortable.tabular.inlines.html
index d993b39..1a0ab5f 100644
--- a/adminsortable/templates/adminsortable/edit_inline/admin.sortable.tabular.inlines.html
+++ b/adminsortable/templates/adminsortable/edit_inline/admin.sortable.tabular.inlines.html
@@ -37,7 +37,7 @@
 $.ajax({
 url: ui.item.parent().find(':hidden[name="admin_sorting_url"]').val(),
 type: 'POST',
- data: { indexes : indexes.join(',') },
+ data: { indexes : indexes.join(','), csrfmiddlewaretoken: window.csrftoken },
 success: function() {
 // set icons based on position
 var icons = ui.item.parent().find('.fa');
diff --git a/adminsortable/templates/adminsortable/shared/object_rep.html b/adminsortable/templates/adminsortable/shared/object_rep.html
index 79ad87f..8b5383b 100644
--- a/adminsortable/templates/adminsortable/shared/object_rep.html
+++ b/adminsortable/templates/adminsortable/shared/object_rep.html
@@ -3,4 +3,5 @@