github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 22:43:33 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

DEV: Add CSRF meta tags to pages served by Ember CLI server (#11993)

Browse Source 
Signed-off-by: OsamaSayegh <asooomaasoooma90@gmail.com>
This commit is contained in:
Osama Sayegh
2021-02-06 01:18:29 +03:00
committed by GitHub
parent ded0f5b4e5
commit f700e318a4
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/assets/javascripts/discourse/public/assets/scripts/discourse-boot.js
View File

@ -195,6 +195,16 @@
let locale = data.bootstrap.locale_script; let locale = data.bootstrap.locale_script;
if (data.bootstrap.csrf_token) {
const csrfParam = document.createElement("meta");
csrfParam.setAttribute("name", "csrf-param");
csrfParam.setAttribute("content", "authenticity_token");
head.append(csrfParam);
const csrfToken = document.createElement("meta");
csrfToken.setAttribute("name", "csrf-token");
csrfToken.setAttribute("content", data.bootstrap.csrf_token);
head.append(csrfToken);
}
(data.bootstrap.stylesheets || []).forEach((s) => { (data.bootstrap.stylesheets || []).forEach((s) => {
let link = document.createElement("link"); let link = document.createElement("link");
link.setAttribute("rel", "stylesheet"); link.setAttribute("rel", "stylesheet");

1
app/controllers/bootstrap_controller.rb
View File

@ -60,6 +60,7 @@ class BootstrapController < ApplicationController
preloaded: @preloaded, preloaded: @preloaded,
} }
bootstrap[:extra_locales] = extra_locales if extra_locales.present? bootstrap[:extra_locales] = extra_locales if extra_locales.present?
bootstrap[:csrf_token] = form_authenticity_token if current_user
render_json_dump(bootstrap: bootstrap) render_json_dump(bootstrap: bootstrap)
end end