From eb0332609cd2d3cc6c0489398ec7c06863b7f6fe Mon Sep 17 00:00:00 2001
From: Brian Ridings <bdrid001@gmail.com>
Date: Thu, 27 Mar 2014 14:09:13 -0400
Subject: [PATCH] CSRF token to headers for AJAX POST. Fix for #113

This is how you do a JS post with the CSRF Protection

```
$.ajax({
url: "http://test.com",
type:"post"
headers: {'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')}})
```
---
 views/layout.jade | 1 +
 1 file changed, 1 insertion(+)

diff --git a/views/layout.jade b/views/layout.jade
index b3980e41c4..71ac7ef9b0 100644
--- a/views/layout.jade
+++ b/views/layout.jade
@@ -5,6 +5,7 @@ html
     meta(http-equiv='X-UA-Compatible', content='IE=edge')
     meta(name='viewport', content='width=device-width, initial-scale=1.0')
     meta(name='description', content='')
+    meta(name='csrf-token', content=token)
     meta(name='author', content='')
     title #{title} | Hackathon Starter
     != css('styles')