(function(o){if(!String.prototype.startsWith){String.prototype.startsWith=function(q){return this.lastIndexOf(q,0)===0}}if(!String.prototype.endsWith){String.prototype.endsWith=function(q){return this.indexOf(q,this.length-q.length)!==-1
}}function b(q){return q&&q.constructor===String}function i(s,r,q){if(s.addEventListener){s.addEventListener(r,q,false);j.add(s,r,q)}else{if(s.attachEvent){s["e"+r+q]=q;
s[r+q]=function(){s["e"+r+q](window.event)};s.attachEvent("on"+r,s[r+q]);j.add(s,r,q)}else{s["on"+r]=s["e"+r+q]}}}var j=function(){var q=[];return{listEvents:q,add:function(r,t,s){q.push(arguments)
},flush:function(){var r,s;for(r=q.length-1;r>=0;r--){s=q[r];if(s[0].removeEventListener){s[0].removeEventListener(s[1],s[2],s[3])}if(!b(s[1])||!s[1].startsWith("on")){s[1]="on"+s[1]
}if(s[0].detachEvent){s[0].detachEvent(s[1],s[2])}s[0][s[1]]=null}}}}();function p(){XMLHttpRequest.prototype._open=XMLHttpRequest.prototype.open;XMLHttpRequest.prototype.open=function(u,r,s,q,t){this.url=r;
this._open.apply(this,arguments)};XMLHttpRequest.prototype._send=XMLHttpRequest.prototype.send;XMLHttpRequest.prototype.send=function(q){if(this.onsend!=null){this.onsend.apply(this,arguments)
}this._send.apply(this,arguments)}}function e(){var q=window.XMLHttpRequest;function r(){this.base=q?new q:new window.ActiveXObject("Microsoft.XMLHTTP")}function s(){return new r
}s.prototype=r.prototype;s.UNSENT=0;s.OPENED=1;s.HEADERS_RECEIVED=2;s.LOADING=3;s.DONE=4;s.prototype.status=0;s.prototype.statusText="";s.prototype.readyState=s.UNSENT;
s.prototype.responseText="";s.prototype.responseXML=null;s.prototype.onsend=null;s.url=null;s.onreadystatechange=null;s.prototype.open=function(z,v,w,u,x){var t=this,y=t.base;
this.url=v;this.base.onreadystatechange=function(){try{t.status=y.status}catch(A){}try{t.statusText=y.statusText}catch(A){}try{t.readyState=y.readyState}catch(A){}try{t.responseText=y.responseText
}catch(A){}try{t.responseXML=y.responseXML}catch(A){}if(t.onreadystatechange){t.onreadystatechange.apply(this,arguments)}};y.open(z,v,w,u,x)};s.prototype.send=function(t){if(this.onsend){this.onsend.apply(this,arguments)
}this.base.send(t)};s.prototype.abort=function(){this.base.abort()};s.prototype.getAllResponseHeaders=function(){return this.base.getAllResponseHeaders()};s.prototype.getResponseHeader=function(t){return this.base.getResponseHeader(t)
};s.prototype.setRequestHeader=function(t,u){return this.base.setRequestHeader(t,u)};window.XMLHttpRequest=s}function d(t,s){var q=false;if(t==s){q=true}else{if(CSRF_PARAMS.isDomainStrict===false){var r=s.charAt(0)==="."?s:"."+s;
q=t.endsWith(r)}}return q}function n(v){var q=false;if(!b(v)||!v.length||v.charAt(0)=="#"){return q}var r=v.split(/(:\/\/)|:|#|\//),u=r[0],s=r.length>1?r[1]==="://":false;
if(s&&r.length>2&&u.search(/^https?$/)===0){var t=r[2];q=d(document.domain,t)}else{if(!v.startsWith("//")&&(v.charAt(0)=="/"||v.indexOf(":")==-1)){q=true}}return q
}function h(t){if(!b(t)){return""}var u="://",s=t.indexOf(u),r;if(s){r=t.substring(s+u.length)}else{if(t.charAt(0)!="/"){r=CSRF_PARAMS.contextPath+t}else{r=t}}var q=(s==-1);
if(!q){r=r.match(/\/.+/)[0]}return r.split(/\?|#/,1)[0]}function a(u,t,r,q){var x=g(),w;if(x&&x<8){w=u.cloneNode(false).action}else{if(x&&x==8&&!b(u.getAttribute("action"))){w=u.cloneNode(false).action
}else{w=u.getAttribute("action")}}if(b(w)&&n(w)){var s=h(w),v=document.createElement("input");v.setAttribute("type","hidden");v.setAttribute("name",t);v.setAttribute("value",(q[s]||r));
u.appendChild(v)}}function m(t,w,s,x,q){var z=t.getAttribute(w);if(b(z)&&z.length>0&&n(z)){var r=h(z),y=q[r]||x,v=z.indexOf("?")!=-1?"&":"?";z=z.replace(/\s+$/,"");
z+=v+s+"="+y;try{t.setAttribute(w,z)}catch(u){}}}function k(w,y){var v=CSRF_PARAMS.isTokensPerPage?l():{};if(CSRF_PARAMS.injectToForms){var s=document.forms,u=s.length;
for(var x=0;x<u;++x){var z=s[x];if(CSRF_PARAMS.injectToAttributes){a(z,w,y,v);m(z,"action",w,y,v)}else{var r=z.getAttribute("method");if(r!==null&&("GET"!==r)&&("get"!==r)){a(z,w,y,v)
}}}f("injectTokenForm is done. ")}if(CSRF_PARAMS.injectToAttributes){var t=document.getElementsByTagName("a"),q=t.length;for(var x=0;x<q;++x){m(t[x],"href",w,y,v)
}f("injectTokenAttribute is done. ")}}function l(){var v=window.XMLHttpRequest?new window.XMLHttpRequest:new window.ActiveXObject("Microsoft.XMLHTTP");v.open("POST",CSRF_PARAMS.servletPath,false);
v.send(null);var t=v.responseText.split(/,|:/);pageTokens={};for(var s=0,q=t.length;s<q;s+=2){var r=t[s],u=s+1<q?t[s+1]:null;pageTokens[r]=u}return pageTokens}function g(){var q=/MSIE ([0-9]+\.[0-9]+)/.exec(navigator.userAgent);
return q?parseFloat(q[1]):-1}function f(q){if(CSRF_PARAMS.debug){console.log("CSRF"+q)}}var c=function(){f("processing-"+CSRF_PARAMS.requestURI);if(d(document.domain,CSRF_PARAMS.domainOrigin)){if(CSRF_PARAMS.injectToXhr&&!CSRF_PARAMS["isApplied-injectToXhr"]){CSRF_PARAMS["isApplied-injectToXhr"]=true;
if(navigator.appName=="Microsoft Internet Explorer"){e();f("hijackExplorer().")}else{p();f("hijackStandard().")}XMLHttpRequest.prototype.onsend=function(r){if(n(this.url)){this.setRequestHeader("X-Requested-With",CSRF_PARAMS.xRequestedWith);
this.setRequestHeader(CSRF_PARAMS.tokenName,CSRF_PARAMS.tokenValue)}var q=/\/session_ping.jsp$|\/admin\/logout.do$/i;if(!q.test(this.url)){pingBizxUrl&&pingBizxUrl()
}}}k(CSRF_PARAMS.tokenName,CSRF_PARAMS.tokenValue);f("injectTokens is done from document ready. ");CSRF_PARAMS.isApplied=true}else{alert("OWASP CSRFGuard JavaScript was included from within an unauthorized domain!")
}};c();o(document).ready(function(){c()})})(jQuery);