feat: use csrf token

2025-07-03 18:38:27 +02:00
parent 65182d4c2f
commit 24bae28cec


@@ -1,3 +1,19 @@
function getCookie(name) {
let cookieValue = null;
if (document.cookie && document.cookie !== '') {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
document.addEventListener('DOMContentLoaded', function () {
// ------------------------------------------------ functions
var show = function (elem) {
@@ -366,12 +382,13 @@ document.addEventListener('DOMContentLoaded', function () {
const xhttp = new XMLHttpRequest();
xhttp.onload = function () {
if (xhttp.status == 200) {
if (xhttp.status === 201) {
console.log(this.responseText);
} else {
console.log("Error while posting data!");
}
}
const csrftoken = getCookie('csrftoken');
let data = JSON.stringify({
"created_at": postDate,
"searching_since": an_searching_since.value,
@@ -382,7 +399,7 @@ document.addEventListener('DOMContentLoaded', function () {
"location_string": an_location_string.value,
});
xhttp.open("POST", path + "/api/adoption_notice");
xhttp.setRequestHeader('Authorization', 'Token b1269a0185a6306b64c01d9f19153bfda312e540');
xhttp.setRequestHeader("X-CSRFToken", csrftoken);
xhttp.setRequestHeader('content-type', 'application/json');
xhttp.send(data);
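Review bot: `getCookie('csrftoken')` returns null when the cookie is absent or not readable from script, and the last hunk then passes that value to `setRequestHeader("X-CSRFToken", csrftoken)`, which sends the literal string "null" and surfaces only as the generic "Error while posting data!" log. A guard before `xhttp.open` would make that failure explicit, e.g. `if (!csrftoken) { console.log("Missing CSRF token"); return; }`. Separately, the `Authorization` line this commit removes carried a static API token in client-side script; deleting the line does not invalidate it, so the token should be revoked server-side, since it remains in the repository history and in any cached copies of the old file. The enclosing handler starts and ends outside the visible hunks, so whether an early `return` fits there needs checking against the full function.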