servant-auth
servant-auth copied to clipboard
Published
20 hours ago •
haskell-servant
haskell-servant
Update code for making Jquery and XSRF play nicely
trafficstars
We need to dynamically find and set the header on every request.
I did not check for jquery but in the case of htmx:
The following does not work for multiple consecutive requests,
var token = (function() {
r = document.cookie.match(new RegExp('XSRF-TOKEN=([^;]+)'))
if (r) return r[1];
})();
document.body.addEventListener('htmx:configRequest', (event) => {
event.detail.headers['X-XSRF-TOKEN'] = token;
});
The following does,
var getXSRFToken = function() {
r = document.cookie.match(new RegExp('XSRF-TOKEN=([^;]+)'))
if (r) return r[1];
};
document.body.addEventListener('htmx:configRequest', (event) => {
event.detail.headers['X-XSRF-TOKEN'] = getXSRFToken();
});
