Fix commenting

It was missing Typewatch and csrf_token

Fixes T54518

src/templates/attract/layout.pug

@@ -90,6 +90,20 @@ html(lang="en")
 		script(src="{{ url_for('static_attract', filename='assets/js/vendor/moment-2.15.2.min.js') }}")
 		script(src="{{ url_for('static_attract', filename='assets/js/vendor/pikaday.js') }}")
 
+		| {% if current_user.is_authenticated %}
+		script(src="{{ url_for('static_pillar', filename='assets/js/vendor/jquery.typewatch-3.0.0.min.js') }}")
+		script.
+			// When sending an AJAX request, always add the X-CSRFToken header to it.
+			var csrf_token = "{{ csrf_token() }}";
+			$.ajaxSetup({
+				beforeSend: function (xhr, settings) {
+					if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) {
+						xhr.setRequestHeader("X-CSRFToken", csrf_token);
+					}
+				}
+			});
+		| {% endif %}
+
 		script.
 			{% if project %}
 			$('.js-help').openModalUrl('Help', "{{ url_for('attract.help', project_url=project.url) }}");