Do not set CSRF Token when no csrf header (#10383)

master
Hinaloe 6 years ago committed by Eugen Rochko
parent 792a0f106e
commit 68f2211f00
  1. 8
      app/javascript/mastodon/api.js

@ -13,10 +13,14 @@ export const getLinks = response => {
}; };
let csrfHeader = {}; let csrfHeader = {};
function setCSRFHeader() { function setCSRFHeader() {
const csrfToken = document.querySelector('meta[name=csrf-token]').content; const csrfToken = document.querySelector('meta[name=csrf-token]');
csrfHeader['X-CSRF-Token'] = csrfToken; if (csrfToken) {
csrfHeader['X-CSRF-Token'] = csrfToken.content;
}
} }
ready(setCSRFHeader); ready(setCSRFHeader);
export default getState => axios.create({ export default getState => axios.create({

Loading…
Cancel
Save