Changeset 13086
- Timestamp:
- May 11, 2013, 2:54:00 PM (11 years ago)
- Location:
- voteplugin/trunk/tracvote
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
voteplugin/trunk/tracvote/__init__.py
r13085 r13086 361 361 old_vote = self.get_vote(req, resource) 362 362 363 if old_vote == vote: 364 vote = 0 365 self.set_vote(req, resource, 0) 363 # Protect against CSRF attacks: Validate the token like done in Trac 364 # core for all POST requests with a content-type corresponding 365 # to form submissions. 366 msg = '' 367 if req.args.get('token') != req.form_token: 368 if self.env.secure_cookies and req.scheme == 'http': 369 msg = ("Secure cookies are enabled, you must use https for " 370 "your requests.") 371 else: 372 msg = ("Do you have cookies enabled?") 373 raise TracError(msg) 366 374 else: 375 if old_vote == vote: 376 # Second click on same icon revokes previous vote. 377 vote = 0 367 378 self.set_vote(req, resource, vote) 368 379 … … 582 593 alt='Up-vote') 583 594 down = tag.img(src=req.href.chrome('vote/' + self.image_map[vote][1]), 584 alt='Down-vote')595 alt='Down-vote') 585 596 if not 'action' in req.args and 'VOTE_MODIFY' in req.perm and \ 586 597 get_reporter_id(req) != 'anonymous': 587 598 down = tag.a(down, id='downvote', 588 href=req.href.vote('down', path), 599 href=req.href.vote('down', path, 600 token=req.form_token), 589 601 title='Down-vote') 590 up = tag.a(up, id='upvote', href=req.href.vote('up', path), 602 up = tag.a(up, id='upvote', 603 href=req.href.vote('up', path, token=req.form_token), 591 604 title='Up-vote') 592 605 add_script(req, 'vote/js/tracvote.js') -
voteplugin/trunk/tracvote/htdocs/js/tracvote.js
r2970 r13086 1 1 $(document).ready(function() { 2 2 $('#upvote, #downvote').click(function() { 3 var button = this; 3 var button = this; 4 var href; 5 if (this.href.indexOf('?') === -1) { 6 href = this.href + '?js=1'; 7 } else { 8 href = this.href + '&js=1'; 9 } 4 10 5 $.get( this.href + '?js=1', function(result) {11 $.get(href, function(result) { 6 12 result = result.split(':'); 7 13
Note: See TracChangeset
for help on using the changeset viewer.