Changes how we set the csrf header for jquery, changed to global and ensures that it is lazily resolved to always ensure it has the newest value
This commit is contained in:
Shannon
@@ -1,6 +1,16 @@
|
||||
/** Executed when the application starts, binds to events and set global state */
|
||||
app.run(['userService', '$log', '$rootScope', '$location', 'navigationService', 'appState', 'editorState', 'fileManager', 'assetsService','eventsService', 'umbRequestHelper',
|
||||
function (userService, $log, $rootScope, $location, navigationService, appState, editorState, fileManager, assetsService, eventsService, umbRequestHelper) {
|
||||
app.run(['userService', '$log', '$rootScope', '$location', 'navigationService', 'appState', 'editorState', 'fileManager', 'assetsService', 'eventsService', '$cookies',
|
||||
function (userService, $log, $rootScope, $location, navigationService, appState, editorState, fileManager, assetsService, eventsService, $cookies) {
|
||||
|
||||
|
||||
//This sets the default jquery ajax headers to include our csrf token, we
|
||||
// need to user the beforeSend method because our token changes per user/login so
|
||||
// it cannot be static
|
||||
$.ajaxSetup({
|
||||
beforeSend: function (xhr) {
|
||||
xhr.setRequestHeader("X-XSRF-TOKEN", $cookies["XSRF-TOKEN"]);
|
||||
}
|
||||
});
|
||||
|
||||
var firstRun = true;
|
||||
|
||||
|
||||
@@ -8,10 +8,6 @@ angular.module("umbraco")
|
||||
$scope.multiPicker = (dialogOptions.multiPicker && dialogOptions.multiPicker !== "0") ? true : false;
|
||||
|
||||
$scope.options = {
|
||||
//NOTE: This header is very important since we check for csrf on the server side
|
||||
headers: {
|
||||
"X-XSRF-TOKEN": $cookies["XSRF-TOKEN"]
|
||||
},
|
||||
url: umbRequestHelper.getApiUrl("mediaApiBaseUrl", "PostAddFile"),
|
||||
autoUpload: true,
|
||||
formData: {
|
||||
|
||||
@@ -26,10 +26,6 @@ function MediaFolderBrowserDashboardController($rootScope, $scope, assetsService
|
||||
|
||||
$scope.filesUploading = [];
|
||||
$scope.options = {
|
||||
//NOTE: This header is very important since we check for csrf on the server side
|
||||
headers: {
|
||||
"X-XSRF-TOKEN": $cookies["XSRF-TOKEN"]
|
||||
},
|
||||
url: umbRequestHelper.getApiUrl("mediaApiBaseUrl", "PostAddFile"),
|
||||
autoUpload: true,
|
||||
disableImageResize: /Android(?!.*Chrome)|Opera/
|
||||
|
||||
@@ -19,11 +19,7 @@ angular.module("umbraco")
|
||||
if(!$scope.creating){
|
||||
|
||||
$scope.filesUploading = [];
|
||||
$scope.options = {
|
||||
//NOTE: This header is very important since we check for csrf on the server side
|
||||
headers: {
|
||||
"X-XSRF-TOKEN": $cookies["XSRF-TOKEN"]
|
||||
},
|
||||
$scope.options = {
|
||||
url: umbRequestHelper.getApiUrl("mediaApiBaseUrl", "PostAddFile"),
|
||||
autoUpload: true,
|
||||
disableImageResize: /Android(?!.*Chrome)|Opera/
|
||||
|
||||
Reference in New Issue
Block a user