From e716968190b7f9f6a1f7627c0b9d5d1db885cee7 Mon Sep 17 00:00:00 2001
From: jan-molak <jan.molak@gmail.com>
Date: Sat, 1 Mar 2014 17:19:09 +0000
Subject: [PATCH] Build Monitor supports Jenkins CSRF protection

Closes #46
---
 src/main/webapp/scripts/jenkins.js                | 3 ++-
 src/test/javascript/unit/jenkins/proxyFromSpec.js | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/main/webapp/scripts/jenkins.js b/src/main/webapp/scripts/jenkins.js
index cf7a88573..f70567690 100644
--- a/src/main/webapp/scripts/jenkins.js
+++ b/src/main/webapp/scripts/jenkins.js
@@ -49,7 +49,8 @@ angular.module('jenkins', []).
                         data:    stringified(parameters),
                         headers: {
                             'Content-Type': STAPLER_CONTENT_TYPE,
-                            'Crumb': binding.crumb
+                            'Crumb':  binding.crumb,  // Crumb header is needed to get past Stapler
+                            '.crumb': binding.crumb   // .crumb header is needed to support CSRF protection (#46)
                         }
                     });
                 }
diff --git a/src/test/javascript/unit/jenkins/proxyFromSpec.js b/src/test/javascript/unit/jenkins/proxyFromSpec.js
index c30a4f7d5..a498f2a9b 100644
--- a/src/test/javascript/unit/jenkins/proxyFromSpec.js
+++ b/src/test/javascript/unit/jenkins/proxyFromSpec.js
@@ -90,7 +90,8 @@ describe('buildMonitor', function () {
                     headers: {
                         'Accept':       'application/json, text/plain, */*',
                         'Content-Type': 'application/x-stapler-method-invocation;charset=UTF-8',
-                        'Crumb':        crumb
+                        'Crumb':        crumb,
+                        '.crumb':       crumb
                     }
                 };