Skip to content
Snippets Groups Projects
Commit ec9d017c authored by Swen Vermeul's avatar Swen Vermeul
Browse files

send credentials in header to enforce sending cookies

parent be1532d3
No related branches found
No related tags found
No related merge requests found
......@@ -30,7 +30,8 @@ define([
method: "PUT",
headers: {
"Content-Type": "application/json",
"X-XSRFToken": xsrf_token
"X-XSRFToken": xsrf_token,
"credentials": "same-origin",
},
body: JSON.stringify(body)
})
......@@ -45,14 +46,13 @@ define([
"password": password
}
var cookie = decodeURIComponent(document.cookie)
var xsrf_token = cookie.split("_xsrf=")[1]
var xsrf_token = common.getCookie('_xsrf')
return fetch(endpoint, {
method: "POST",
headers: {
"Content-Type": "application/json",
//"X-XSRFToken": xsrf_token,
"X-XSRFToken": xsrf_token,
"credentials": "same-origin",
},
body: JSON.stringify(body)
})
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment