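/**
 * Global jQuery ajaxSend handler that adds an "X-CSRFToken" request header,
 * taken from the "csrftoken" cookie, to every AJAX request that
 *   - uses a method other than GET, HEAD, OPTIONS or TRACE, and
 *   - targets the same origin as the current document.
 *
 * The token is a secret shared with this origin only, so the origin check
 * decides whether it is disclosed. It is deliberately strict and fails closed.
 *
 * The cookie is read through document.cookie, so it must be readable by
 * script (a cookie flagged HttpOnly is not visible here).
 */
jQuery(document).ajaxSend(function(event, xhr, settings) {
  /**
   * Look up a cookie by name in document.cookie.
   *
   * @param {string} name - cookie name to search for.
   * @returns {?string} the URI-decoded cookie value, or null when the
   *   cookie is not present.
   */
  function getCookie(name) {
    var cookieValue = null;
    if (document.cookie && document.cookie !== '') {
      var cookies = document.cookie.split(';');
      for (var i = 0; i < cookies.length; i++) {
        var cookie = jQuery.trim(cookies[i]);
        // Does this cookie string begin with the name we want?
        if (cookie.substring(0, name.length + 1) === (name + '=')) {
          cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
          break;
        }
      }
    }
    return cookieValue;
  }

  /**
   * Decide whether a request URL points at the current document's origin.
   *
   * The URL may be relative, scheme-relative or absolute. It is resolved by
   * the browser's own URL parser (through an anchor element) rather than
   * by string matching. The earlier string comparison treated every URL
   * that did not literally start with "//", "http:" or "https:" as relative,
   * so spellings it did not anticipate (for example a scheme written in a
   * different letter case) were classified as same-origin even when the
   * browser would send them elsewhere.
   *
   * @param {string} url - the request URL from the AJAX settings.
   * @returns {boolean} true only when protocol and host (including port)
   *   of the resolved URL equal those of the current document.
   */
  function sameOrigin(url) {
    var current = document.createElement('a');
    var target = document.createElement('a');
    try {
      // Resolve both sides the same way so that any browser-specific
      // normalisation (such as default ports) applies to both.
      current.href = document.location.href;
      target.href = url;
      // Older Internet Explorer leaves protocol/host empty for a relative
      // href until the resolved value is assigned back.
      target.href = target.href;
      return (target.protocol + '//' + target.host) ===
        (current.protocol + '//' + current.host);
    } catch (e) {
      // A URL the browser cannot parse is never treated as same-origin.
      return false;
    }
  }

  /**
   * Tell whether an HTTP method is one the handler sends without a token.
   * The match is case-sensitive, so a method given in lower case is
   * treated as unsafe and still receives the token on same-origin requests.
   *
   * @param {string} method - the request method from the AJAX settings.
   * @returns {boolean} true for GET, HEAD, OPTIONS and TRACE.
   */
  function safeMethod(method) {
    return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
  }

  if (!safeMethod(settings.type) && sameOrigin(settings.url)) {
    var token = getCookie('csrftoken');
    // Without a cookie there is nothing to send; passing null would put the
    // literal string "null" in the header.
    if (token !== null) {
      xhr.setRequestHeader("X-CSRFToken", token);
    }
  }
});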