From dbf3a074f7c1248d5069c6c87157b45be67dc7af Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Wed, 11 Jan 2017 14:52:05 -0800
Subject: [PATCH] Fix CSRF issue on bootstrap tables

---
 public/assets/js/bootstrap-table.js       | 6 +++++-
 resources/views/layouts/default.blade.php | 6 +++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/public/assets/js/bootstrap-table.js b/public/assets/js/bootstrap-table.js
index f8715e9c4d..1c891bbc54 100755
--- a/public/assets/js/bootstrap-table.js
+++ b/public/assets/js/bootstrap-table.js
@@ -254,7 +254,11 @@
         cache: true,
         contentType: 'application/json',
         dataType: 'json',
-        ajaxOptions: {},
+        ajaxOptions: {
+         headers: {
+                'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
+            }
+        },
         queryParams: function (params) {
             return params;
         },
diff --git a/resources/views/layouts/default.blade.php b/resources/views/layouts/default.blade.php
index 54928b8199..1577198890 100644
--- a/resources/views/layouts/default.blade.php
+++ b/resources/views/layouts/default.blade.php
@@ -25,9 +25,7 @@
 
     <link rel="shortcut icon" type="image/ico" href="{{ asset('favicon.ico') }}">
 
-      <script>
-          window.Laravel = { csrfToken: '{{ csrf_token() }}' };
-      </script>
+    <meta name="csrf-token" content="{{ csrf_token() }}">
 
     <style>
         @if ($snipeSettings)
@@ -275,6 +273,7 @@
 
 
                <!-- User Account: style can be found in dropdown.less -->
+               @if (Auth::check())
                <li class="dropdown user user-menu">
                  <a href="#" class="dropdown-toggle" data-toggle="dropdown">
                    @if (Auth::user()->present()->gravatar())
@@ -312,6 +311,7 @@
                      </li>
                  </ul>
                </li>
+               @endif
 
 
                @can('superadmin')