Fix CSRF protection to work with non-standard CSRF cookie names

Fixes disqus#19 with an updated version of disqus#18 with review changes. Thanks @karech and @graingert.

Conflicts:
	HISTORY.rst
	nexus/templatetags/nexus_helpers.py

nexus/media/js/nexus.js

@@ -34,7 +34,8 @@ jQuery.ajaxSetup({
         }
 
         if (!safeMethod(settings.type) && sameOrigin(settings.url)) {
-            xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
+            var cookieName = $('#nexus-constants').data('csrfCookieName');
+            xhr.setRequestHeader("X-CSRFToken", getCookie(cookieName));
         }
     }
-});
+});

nexus/templates/nexus/base.html

@@ -25,7 +25,10 @@
         <script src="{% nexus_media_prefix %}/nexus/js/lib/jquery.js"></script>
         <script src="{% nexus_media_prefix %}/nexus/js/lib/jquery.tmpl.js"></script>
         <script src="{% nexus_media_prefix %}/nexus/js/lib/facebox/facebox.js"></script>
-        <script src="{% nexus_media_prefix %}/nexus/js/nexus.js"></script>
+        <script src="{% nexus_media_prefix %}/nexus/js/nexus.js"
+                id="nexus-constants"
+                data-csrf-cookie-name="{% nexus_csrf_cookie_name %}"
+            ></script>
 
         {% block head %}
         {% endblock %}

nexus/templatetags/nexus_helpers.py

@@ -1,5 +1,6 @@
 from django import template
 from django.utils.datastructures import SortedDict
+from django.conf import settings
 
 import nexus
 from nexus import conf
@@ -18,6 +19,11 @@ def nexus_version():
 register.simple_tag(nexus_version)
 
 
+def nexus_csrf_cookie_name():
+    return settings.CSRF_COOKIE_NAME
+register.simple_tag(nexus_csrf_cookie_name)
+
+
 def show_navigation(context):
     site = context.get('nexus_site', NexusModule.get_global('site'))
     request = NexusModule.get_request()