add csrf token header to jquery requests

2022-12-25 22:14:39 +01:00
parent ddc95762eb
commit 6ad78a4818
4 changed files with 9 additions and 2 deletions
--- a/templates/Froxlor/base.html.twig
+++ b/templates/Froxlor/base.html.twig
@@ -7,6 +7,7 @@
 	<meta name="robots" content="noindex, nofollow, noarchive"/>
 	<meta name="googlebot" content="nosnippet"/>
 	<link rel="icon" type="image/x-icon" href="{{ basehref|default('') }}templates/Froxlor/assets/img/icon.png">
+	<meta name="csrf-token" content="{{ csrf_token }}" />

 	<!-- CSS -->
 	{% if theme_css is empty %}
--- a/templates/Froxlor/src/js/main.js
+++ b/templates/Froxlor/src/js/main.js
@@ -11,6 +11,12 @@ window.Chart = Chart;
 $(function () {
 	window.$theme = 'Froxlor';

+	$.ajaxSetup({
+		headers: {
+			'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
+		}
+	});
+
 	const tooltipTriggerList = [].slice.call(document.querySelectorAll('[data-bs-toggle="tooltip"]'))
 	const tooltipList = tooltipTriggerList.map(function (tooltipTriggerEl) {
 		return new bootstrap.Tooltip(tooltipTriggerEl)