NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-07-15 11:42:52 -06:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

#101700 change csrf token access

Browse Source
This commit is contained in:
Arthur 2022-08-29 14:40:03 -07:00
parent 249b8b0363
commit c12e545ccd
12 changed files with 6 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
netbox/project-static/dist/config.js vendored
View File

Binary file not shown.

BIN
netbox/project-static/dist/config.js.map vendored
View File

Binary file not shown.

BIN
netbox/project-static/dist/lldp.js vendored
View File

Binary file not shown.

BIN
netbox/project-static/dist/lldp.js.map vendored
View File

Binary file not shown.

BIN
netbox/project-static/dist/netbox.js vendored
View File

Binary file not shown.

BIN
netbox/project-static/dist/netbox.js.map vendored
View File

Binary file not shown.

BIN
netbox/project-static/dist/status.js vendored
View File

Binary file not shown.

BIN
netbox/project-static/dist/status.js.map vendored
View File

Binary file not shown.

1
netbox/project-static/package.json
View File

@ -27,7 +27,6 @@
"bootstrap": "~5.0.2",
"clipboard": "^2.0.8",
"color2k": "^1.2.4",
"cookie": "^0.4.1",
"dayjs": "^1.10.4",
"flatpickr": "4.6.3",
"htmx.org": "^1.6.1",

19
netbox/project-static/src/util.ts
View File

@ -1,9 +1,11 @@
import Cookie from 'cookie';
type Method = 'GET' | 'POST' | 'PATCH' | 'PUT' | 'DELETE';
type ReqData = URLSearchParams | Dict | undefined | unknown;
type SelectedOption = { name: string; options: string[] };
declare global {
interface Window { CSRF_TOKEN: any; }
}
/**
* Infer valid HTMLElement props based on element name.
*/
@ -93,23 +95,12 @@ export function isElement(obj: Element | null | undefined): obj is Element {
return typeof obj !== null && typeof obj !== 'undefined';
}
/**
* Retrieve the CSRF token from cookie storage.
*/
function getCsrfToken(): string {
const { csrftoken: csrfToken } = Cookie.parse(document.cookie);
if (typeof csrfToken === 'undefined') {
throw new Error('Invalid or missing CSRF token');
}
return csrfToken;
}
export async function apiRequest<R extends Dict, D extends ReqData = undefined>(
url: string,
method: Method,
data?: D,
): Promise<APIResponse<R>> {
const token = getCsrfToken();
const token = window.CSRF_TOKEN;
const headers = new Headers({ 'X-CSRFToken': token });
let body;

5
netbox/project-static/yarn.lock
View File

@ -737,11 +737,6 @@ configstore@^3.0.0:
write-file-atomic "^2.0.0"
xdg-basedir "^3.0.0"
cookie@^0.4.1:
version "0.4.1"
resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.1.tgz#afd713fe26ebd21ba95ceb61f9a8116e50a537d1"
integrity sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==
copy-to-clipboard@^3.2.0:
version "3.3.1"
resolved "https://registry.yarnpkg.com/copy-to-clipboard/-/copy-to-clipboard-3.3.1.tgz#115aa1a9998ffab6196f93076ad6da3b913662ae"

1
netbox/templates/base/base.html
View File

@ -99,6 +99,7 @@
}
return setMode("light", true);
})();
window.CSRF_TOKEN = "{{ csrf_token }}";
</script>
{# Static resources #}