Permalink
Browse files

fix(xsrf): overwrite already set xsrf header

  • Loading branch information...
Hacklone authored and vsavkin committed Aug 19, 2016
1 parent 178fb79 commit b4265e0685cb82ca7a3ec8b01140a214d8c4cb47
@@ -187,7 +187,7 @@ export class CookieXSRFStrategy implements XSRFStrategy {
configureRequest(req: Request) {
let xsrfToken = __platform_browser_private__.getDOM().getCookie(this._cookieName);
- if (xsrfToken && !req.headers.has(this._headerName)) {
+ if (xsrfToken) {
req.headers.set(this._headerName, xsrfToken);
}
}
@@ -124,11 +124,11 @@ export function main() {
backend.createConnection(sampleRequest);
expect(sampleRequest.headers.get('X-XSRF-TOKEN')).toBe('magic XSRF value');
});
- it('respects existing headers', () => {
+ it('should allow overwriting of existing headers', () => {
getDOM().setCookie('XSRF-TOKEN', 'magic XSRF value');
sampleRequest.headers.set('X-XSRF-TOKEN', 'already set');
backend.createConnection(sampleRequest);
- expect(sampleRequest.headers.get('X-XSRF-TOKEN')).toBe('already set');
+ expect(sampleRequest.headers.get('X-XSRF-TOKEN')).toBe('magic XSRF value');
});
describe('configuration', () => {

0 comments on commit b4265e0

Please sign in to comment.