Adding CSRF Header for Browser Extension (#1037)

Adding CSRF Header for Browser Extension
This commit is contained in:
ShahanaFarooqui 2022-06-01 22:10:40 -04:00 committed by GitHub
parent b8477e3613
commit 592074679b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 0 deletions

View File

@ -41,7 +41,10 @@ export class ExpressApplication {
this.app.use(this.common.baseHref + '/api/ecl', eclRoutes);
this.app.use(this.common.baseHref, express.static(join(this.directoryName, '../..', 'frontend')));
this.app.use((req, res, next) => {
// For Angular App
res.cookie('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
// For JQuery Browser Plugin
res.setHeader('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
res.sendFile(join(this.directoryName, '../..', 'frontend', 'index.html'));
});
this.app.use((err, req, res, next) => this.handleApplicationErrors(err, res));

View File

@ -63,7 +63,10 @@ export class ExpressApplication {
this.app.use(this.common.baseHref + '/api/ecl', eclRoutes);
this.app.use(this.common.baseHref, express.static(join(this.directoryName, '../..', 'frontend')));
this.app.use((req: any, res, next) => {
// For Angular App
res.cookie('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
// For JQuery Browser Plugin
res.setHeader('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
res.sendFile(join(this.directoryName, '../..', 'frontend', 'index.html'));
});
this.app.use((err, req, res, next) => this.handleApplicationErrors(err, res));