Investigate `withXSRFToken` config option #76

mrlubos · 2024-03-18T05:25:56Z

ferdikoomen/openapi-typescript-codegen#2067

I'd like to investigate whether we're not forcing our users to use a vulnerable setting, need to check why Axios made that change ferdikoomen/openapi-typescript-codegen#2063 (comment)

jordanshatford · 2024-03-28T02:14:35Z

This can now be done with interceptors:

The use case in the linked PR would look something like this:

OpenAPI.interceptors.request.use((request) => {
  request.withXSRFToken = request.withCredentials
  return request
})

OR

OpenAPI.interceptors.request.use((request) => {
  request.withXSRFToken = OpenAPI.WITH_CREDENTIALS
  return request
})

mrlubos · 2024-04-11T05:04:42Z

This will be solved with client packages #308

jordanshatford added docs 📃 Improvements or additions to documentation feature 🚀 New feature or request labels Mar 24, 2024

jordanshatford mentioned this issue Mar 28, 2024

Update sendRequest for axios to align on parameter deprecation (withCredentials) ferdikoomen/openapi-typescript-codegen#2063

Closed

jordanshatford added the axios label Mar 28, 2024

mrlubos self-assigned this Apr 11, 2024

mrlubos removed the client:axios label Apr 13, 2024

mrlubos added client Client package related and removed docs 📃 Improvements or additions to documentation labels May 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Investigate `withXSRFToken` config option #76

Investigate `withXSRFToken` config option #76

mrlubos commented Mar 18, 2024

jordanshatford commented Mar 28, 2024

mrlubos commented Apr 11, 2024 •

edited

Investigate withXSRFToken config option #76

Investigate withXSRFToken config option #76

Comments

mrlubos commented Mar 18, 2024

jordanshatford commented Mar 28, 2024

mrlubos commented Apr 11, 2024 • edited

Investigate `withXSRFToken` config option #76

Investigate `withXSRFToken` config option #76

mrlubos commented Apr 11, 2024 •

edited