aboutsummaryrefslogtreecommitdiff
path: root/js
diff options
context:
space:
mode:
authorBrett Profitt <brett.profitt@gmail.com>2011-10-14 23:36:31 -0700
committerBrett Profitt <brett.profitt@gmail.com>2011-10-14 23:36:31 -0700
commitbe5e5eaaac3844c19a804347676cdc58f959827a (patch)
treee9bda699e8c2b013ed4bdb05caac48f6e3cb4291 /js
parent79d99b232eb72b7d12dcc774bda4202a1f05a8fb (diff)
downloadelgg-be5e5eaaac3844c19a804347676cdc58f959827a.tar.gz
elgg-be5e5eaaac3844c19a804347676cdc58f959827a.tar.bz2
Fixes #3927. elgg.security.addToken() works for URLs without query strings.
Diffstat (limited to 'js')
-rw-r--r--js/lib/security.js20
1 files changed, 14 insertions, 6 deletions
diff --git a/js/lib/security.js b/js/lib/security.js
index 486347b88..d14ddff95 100644
--- a/js/lib/security.js
+++ b/js/lib/security.js
@@ -70,14 +70,22 @@ elgg.security.addToken = function(data) {
// 'http://example.com?data=sofar'
if (elgg.isString(data)) {
- var args = [];
- if (data) {
- args.push(data);
+ var args = {},
+ base = '';
+
+ // check for query strings
+ if (data.indexOf('?') != -1) {
+ var split = data.split('?');
+ base = split[0];
+ args = elgg.parse_str(split[1]);
+ } else {
+ base = data;
}
- args.push("__elgg_ts=" + elgg.security.token.__elgg_ts);
- args.push("__elgg_token=" + elgg.security.token.__elgg_token);
+
+ args["__elgg_ts"] = elgg.security.token.__elgg_ts;
+ args["__elgg_token"] = elgg.security.token.__elgg_token;
- return args.join('&');
+ return base + '?' + jQuery.param(args);
}
// no input! acts like a getter