From 32a0d1603274a8e9d912161a74a87c5dadb718d8 Mon Sep 17 00:00:00 2001
From: Sean Doyle <sean.p.doyle24@gmail.com>
Date: Sun, 8 Nov 2015 11:46:05 -0500
Subject: [PATCH] Set `X-CSRF-Token` on HTTP requests

https://github.com/emberjs/ember-rails#csrf-token
https://github.com/thoughtbot/ember-cli-rails#csrf-tokens

When `ember-cli-rails` embeds the CSRF meta tags, this initializer
configures the host app to recognize them and set them as outgoing HTTP
headers to play nice with the Rails app's CSRF protection.
---
 app/initializers/csrf.js | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 app/initializers/csrf.js

diff --git a/app/initializers/csrf.js b/app/initializers/csrf.js
new file mode 100644
index 0000000..ca8e059
--- /dev/null
+++ b/app/initializers/csrf.js
@@ -0,0 +1,14 @@
+import Ember from 'ember';
+
+const { $ } = Ember;
+
+export default {
+  name: 'ember-cli-rails-addon:csrf',
+
+  initialize() {
+    $.ajaxPrefilter((options, originalOptions, xhr) => {
+      const token = $('meta[name="csrf-token"]').attr('content');
+      xhr.setRequestHeader('X-CSRF-Token', token);
+    });
+  },
+};