id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
15872	JavaScript CSRF fix for Ajax POST mentioned in docs intermittently fails to append token for IE7	nick@…	nobody	"I've found that in some cases(not sure why), IE7 will prepend protocol://servername to a form's action, causing the 
{{{
 if (!(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {...}
}}}
test to fail...  

I propose we use the following instead, as it will work in more cases:
{{{

    var page_host = window.location.host;
    var regex=new RegExp('^https?://' + page_host + '/', 'i');
    if (regex.test(settings.url) || !(/^http:.*/.test(settings.url) || /^https:.*/.test(settings.url))) {
        // Only send the token to relative URLs i.e. locally.
    }
}}}"	Bug	closed	Documentation	1.3	Normal	duplicate	ajax csrf post		Unreviewed	1	0	0	0	0	0