No need for csrftoken in headers, closes #13

datasette · Mar 20, 2024 · 9f2a445 · 9f2a445
1 parent 02139a3
commit 9f2a445
Showing 1 changed file with 0 additions and 3 deletions.
diff --git a/datasette_paste/templates/paste_create_table.html b/datasette_paste/templates/paste_create_table.html
@@ -50,7 +50,6 @@ <h1>Paste data to create a table</h1>
 
 <form id="pasteForm" style="display: none">
   <p>
-    <input type="hidden" name="csrftoken" value="{{ csrftoken() }}">
     <label for="id_table_name">Table name:</label>
     <input type="text" required name="table" id="id_table_name" value="" placeholder="Enter a new table name">
   </p>
@@ -267,10 +266,8 @@ <h1>Paste data to create a table</h1>
   progressBar.max = currentRows.length;
   // Submit to API in batches of 100
   const url = window.location.pathname.replace('/-/paste', '/-/create');
-  const csrftoken = document.querySelector('input[name="csrftoken"]').value;
   const headers = new Headers();
   headers.append('Content-Type', 'application/json');
-  headers.append('X-CSRFToken', csrftoken);
   const batchSize = 100;
   for (let i = 0; i < currentRows.length; i += batchSize) {
     const batch = currentRows.slice(i, i + batchSize);