mirrors/Ride-The-Lightning-RTL
1
0
Fork 0
mirror of https://github.com/Ride-The-Lightning/RTL.git synced 2024-11-19 01:40:29 +01:00
Code Issues Projects Releases Wiki Activity

Adding CSRF Header for Browser Extension (#1037)

Browse Source 
Adding CSRF Header for Browser Extension
This commit is contained in:
ShahanaFarooqui 2022-06-01 22:10:40 -04:00 committed by GitHub
parent b8477e3613
commit 592074679b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
backend/utils/app.js
View File

@ -41,7 +41,10 @@ export class ExpressApplication {
this.app.use(this.common.baseHref + '/api/ecl', eclRoutes);
this.app.use(this.common.baseHref, express.static(join(this.directoryName, '../..', 'frontend')));
this.app.use((req, res, next) => {
// For Angular App
res.cookie('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
// For JQuery Browser Plugin
res.setHeader('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
res.sendFile(join(this.directoryName, '../..', 'frontend', 'index.html'));
});
this.app.use((err, req, res, next) => this.handleApplicationErrors(err, res));

3
server/utils/app.ts
View File

@ -63,7 +63,10 @@ export class ExpressApplication {
this.app.use(this.common.baseHref + '/api/ecl', eclRoutes);
this.app.use(this.common.baseHref, express.static(join(this.directoryName, '../..', 'frontend')));
this.app.use((req: any, res, next) => {
// For Angular App
res.cookie('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
// For JQuery Browser Plugin
res.setHeader('XSRF-TOKEN', req.csrfToken ? req.csrfToken() : '');
res.sendFile(join(this.directoryName, '../..', 'frontend', 'index.html'));
});
this.app.use((err, req, res, next) => this.handleApplicationErrors(err, res));