diff --git a/app/assets/javascripts/discourse/initializers/csrf-token.js.es6 b/app/assets/javascripts/discourse/initializers/csrf-token.js.es6 index fd95c274d96..0ddd5dda5d5 100644 --- a/app/assets/javascripts/discourse/initializers/csrf-token.js.es6 +++ b/app/assets/javascripts/discourse/initializers/csrf-token.js.es6 @@ -1,16 +1,21 @@ // Append our CSRF token to AJAX requests when necessary. + +let installedFilter = false; + export default { name: "csrf-token", initialize: function(container) { - var session = container.lookup("session:main"); - // Add a CSRF token to all AJAX requests + let session = container.lookup("session:main"); session.set("csrfToken", $("meta[name=csrf-token]").attr("content")); - $.ajaxPrefilter(function(options, originalOptions, xhr) { - if (!options.crossDomain) { - xhr.setRequestHeader("X-CSRF-Token", session.get("csrfToken")); - } - }); + if (!installedFilter) { + $.ajaxPrefilter(function(options, originalOptions, xhr) { + if (!options.crossDomain) { + xhr.setRequestHeader("X-CSRF-Token", session.get("csrfToken")); + } + }); + installedFilter = true; + } } };