Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
jovuit
funkwhale
Commits
50e392d8
Unverified
Commit
50e392d8
authored
Jun 09, 2020
by
Agate
💬
Browse files
Fix #1153: post issue on some URLs due to missing CSRF token
parent
d0e6cd40
Changes
6
Hide whitespace changes
Inline
Side-by-side
front/src/components/audio/Player.vue
View file @
50e392d8
...
...
@@ -436,7 +436,6 @@ export default {
param
=
"
token
"
value
=
this
.
$store
.
state
.
auth
.
scopedTokens
.
listen
}
console
.
log
(
'
HELLO
'
,
param
,
value
,
this
.
$store
.
state
.
auth
.
scopedTokens
)
sources
.
forEach
(
e
=>
{
e
.
url
=
url
.
updateQueryString
(
e
.
url
,
param
,
value
)
})
...
...
front/src/components/audio/SearchBar.vue
View file @
50e392d8
...
...
@@ -70,7 +70,10 @@ export default {
if
(
!
self
.
$store
.
state
.
auth
.
authenticated
)
{
return
xhrObject
}
xhrObject
.
setRequestHeader
(
'
Authorization
'
,
self
.
$store
.
getters
[
'
auth/header
'
])
if
(
self
.
$store
.
state
.
auth
.
oauth
.
accessToken
)
{
xhrObject
.
setRequestHeader
(
'
Authorization
'
,
self
.
$store
.
getters
[
'
auth/header
'
])
}
return
xhrObject
},
onResponse
:
function
(
initialResponse
)
{
...
...
front/src/components/library/FileUploadWidget.vue
View file @
50e392d8
<
script
>
import
FileUpload
from
'
vue-upload-component
'
import
{
setCsrf
}
from
'
@/utils
'
export
default
{
extends
:
FileUpload
,
...
...
@@ -32,7 +33,10 @@ export default {
form
.
append
(
this
.
name
,
file
.
file
,
filename
)
let
xhr
=
new
XMLHttpRequest
()
xhr
.
open
(
'
POST
'
,
file
.
postAction
)
xhr
.
setRequestHeader
(
'
Authorization
'
,
this
.
$store
.
getters
[
'
auth/header
'
])
setCsrf
(
xhr
)
if
(
this
.
$store
.
state
.
auth
.
oauth
.
accessToken
)
{
xhr
.
setRequestHeader
(
'
Authorization
'
,
this
.
$store
.
getters
[
'
auth/header
'
])
}
return
this
.
uploadXhr
(
xhr
,
file
,
form
)
}
}
...
...
front/src/components/library/TagsSelector.vue
View file @
50e392d8
...
...
@@ -39,7 +39,10 @@ export default {
apiSettings
:
{
url
:
this
.
$store
.
getters
[
'
instance/absoluteUrl
'
](
'
/api/v1/tags/?name__startswith={query}&ordering=length&page_size=5
'
),
beforeXHR
:
function
(
xhrObject
)
{
xhrObject
.
setRequestHeader
(
'
Authorization
'
,
self
.
$store
.
getters
[
'
auth/header
'
])
if
(
self
.
$store
.
state
.
auth
.
oauth
.
accessToken
)
{
xhrObject
.
setRequestHeader
(
'
Authorization
'
,
self
.
$store
.
getters
[
'
auth/header
'
])
}
return
xhrObject
},
onResponse
(
response
)
{
...
...
front/src/components/library/radios/Filter.vue
View file @
50e392d8
...
...
@@ -114,7 +114,9 @@ export default {
settings
.
apiSettings
=
{
url
:
self
.
$store
.
getters
[
'
instance/absoluteUrl
'
](
f
.
autocomplete
+
'
?
'
+
f
.
autocomplete_qs
),
beforeXHR
:
function
(
xhrObject
)
{
xhrObject
.
setRequestHeader
(
'
Authorization
'
,
self
.
$store
.
getters
[
'
auth/header
'
])
if
(
self
.
$store
.
state
.
auth
.
oauth
.
accessToken
)
{
xhrObject
.
setRequestHeader
(
'
Authorization
'
,
self
.
$store
.
getters
[
'
auth/header
'
])
}
return
xhrObject
},
onResponse
:
function
(
initialResponse
)
{
...
...
front/src/utils.js
View file @
50e392d8
...
...
@@ -33,3 +33,15 @@ export function parseAPIErrors(responseData, parentField) {
}
return
errors
}
export
function
getCookie
(
name
)
{
return
document
.
cookie
.
split
(
'
;
'
)
.
find
(
row
=>
row
.
startsWith
(
name
))
.
split
(
'
=
'
)[
1
];
}
export
function
setCsrf
(
xhr
)
{
if
(
getCookie
(
'
csrftoken
'
))
{
xhr
.
setRequestHeader
(
'
X-CSRFToken
'
,
getCookie
(
'
csrftoken
'
))
}
}
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment