I'm using the autosave plugin (viewtopic.php?f=18&t=24128) which obviously sends out an AJAX request. This request is pointed to a controller on my Rails application which requires authentication. The authentication is failing since it doesn't include my CSRF token (and potentially a few other POST parameters).
I need to pass a CSRF token from my CKEditor like this:
<head> ... <meta content="authenticity_token" name="csrf-param" /> <meta content="GshuwBbbowxSotqKN80U/IrWR428xrnVgewr14lB9lw=" name="csrf-token" /> </head>
I'll also probably have to add a few other normal POST parameters as well. Here's my current initialization and configuration:
<textarea id="textArea" name="textArea"></textarea>
<script type="text/javascript">
var editor = CKEDITOR.replace('textArea', {
removePlugins : 'resize',
extraPlugins : 'autogrow',
autoGrow_maxHeight : 800
});
</script>
CKEDITOR.editorConfig = function( config )
{
config.extraPlugins = 'autosave';
config.toolbar = [['Source','Save','Preview','-', 'Autosave']];
//TODO: replace this URL with a functional one
config.autosaveTargetUrl = '/entries/autosave';
config.autosaveMinTimeBetweenRequests = 30;
config.autosaveRefreshTime = config.autosaveMinTimeBetweenRequests;
};
How can I achieve this with CKEditor and the attached plugin? I'm guessing there's no way other than modifying the source?
Re: Adding a CSRF Token For Rails Integration