U4-10367 417 missing token error due to cookie being overwritten

Changes the cookie and header names to be Umbraco specific
2017-08-29 11:17:52 +02:00
parent cf10f5f0ee
commit d300bf8d6d
4 changed files with 8 additions and 6 deletions
--- a/src/Umbraco.Web.UI.Client/src/common/security/securityinterceptor.js
+++ b/src/Umbraco.Web.UI.Client/src/common/security/securityinterceptor.js
@@ -103,5 +103,7 @@ angular.module('umbraco.security.interceptor')

    // We have to add the interceptor to the queue as a string because the interceptor depends upon service instances that are not available in the config block.
    .config(['$httpProvider', function ($httpProvider) {
+        $httpProvider.defaults.xsrfHeaderName = 'X-UMB-XSRF-TOKEN';
+        $httpProvider.defaults.xsrfCookieName = 'UMB-XSRF-TOKEN';
        $httpProvider.responseInterceptors.push('securityInterceptor');
    }]);
--- a/src/Umbraco.Web.UI.Client/src/init.js
+++ b/src/Umbraco.Web.UI.Client/src/init.js
@@ -7,7 +7,7 @@ app.run(['userService', '$log', '$rootScope', '$location', 'navigationService',
        // it cannot be static
        $.ajaxSetup({
            beforeSend: function (xhr) {
-                xhr.setRequestHeader("X-XSRF-TOKEN", $cookies["XSRF-TOKEN"]);
+                xhr.setRequestHeader("X-UMB-XSRF-TOKEN", $cookies["UMB-XSRF-TOKEN"]);
            }
        });