diff options
author | Brett Profitt <brett.profitt@gmail.com> | 2011-10-14 23:36:31 -0700 |
---|---|---|
committer | Brett Profitt <brett.profitt@gmail.com> | 2011-10-14 23:36:31 -0700 |
commit | be5e5eaaac3844c19a804347676cdc58f959827a (patch) | |
tree | e9bda699e8c2b013ed4bdb05caac48f6e3cb4291 | |
parent | 79d99b232eb72b7d12dcc774bda4202a1f05a8fb (diff) | |
download | elgg-be5e5eaaac3844c19a804347676cdc58f959827a.tar.gz elgg-be5e5eaaac3844c19a804347676cdc58f959827a.tar.bz2 |
Fixes #3927. elgg.security.addToken() works for URLs without query strings.
-rw-r--r-- | js/lib/security.js | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/js/lib/security.js b/js/lib/security.js index 486347b88..d14ddff95 100644 --- a/js/lib/security.js +++ b/js/lib/security.js @@ -70,14 +70,22 @@ elgg.security.addToken = function(data) { // 'http://example.com?data=sofar' if (elgg.isString(data)) { - var args = []; - if (data) { - args.push(data); + var args = {}, + base = ''; + + // check for query strings + if (data.indexOf('?') != -1) { + var split = data.split('?'); + base = split[0]; + args = elgg.parse_str(split[1]); + } else { + base = data; } - args.push("__elgg_ts=" + elgg.security.token.__elgg_ts); - args.push("__elgg_token=" + elgg.security.token.__elgg_token); + + args["__elgg_ts"] = elgg.security.token.__elgg_ts; + args["__elgg_token"] = elgg.security.token.__elgg_token; - return args.join('&'); + return base + '?' + jQuery.param(args); } // no input! acts like a getter |