Skip to content

Commit

Permalink
Do not set CSRF Token when no csrf header (mastodon#10383)
Browse files Browse the repository at this point in the history
  • Loading branch information
@hinaloe @Gargron
hinaloe authored and Gargron committed Mar 26, 2019
1 parent b3dba51 commit f8cd4fa
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions app/javascript/mastodon/api.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,14 @@ export const getLinks = response => {
};

let csrfHeader = {};

function setCSRFHeader() {
const csrfToken = document.querySelector('meta[name=csrf-token]').content;
csrfHeader['X-CSRF-Token'] = csrfToken;
const csrfToken = document.querySelector('meta[name=csrf-token]');
if (csrfToken) {
csrfHeader['X-CSRF-Token'] = csrfToken.content;
}
}

ready(setCSRFHeader);

export default getState => axios.create({
Expand Down

0 comments on commit f8cd4fa

Please sign in to comment.