netbox
netbox copied to clipboard
netbox.js doesn't reference custom CSRF cookie
NetBox version
v3.2.8
Python version
3.9
Steps to Reproduce
- In
configuration.py
set theCSRF_COOKIE_NAME
value to something other than default (csrftoken
) - Login to NetBox
- Navigate to Circuits > Circuits.
- Click the Filter tab
- Open your browser's dev tools console
- Click on any filter dropdown (
Tenant
for example)
Expected Behavior
Dropdown data is populated and selectable.
Observed Behavior
The dropdown is empty and the dev tool's console shows the following error:
netbox.js?v=3.2.8:9 Error: Invalid or missing CSRF token
at wI (netbox.js?v=3.2.8:8:143492)
at netbox.js?v=3.2.8:8:143606
at Generator.next (<anonymous>)
at netbox.js?v=3.2.8:1:1413
at new Promise (<anonymous>)
at Fr (netbox.js?v=3.2.8:1:1202)
at ny (netbox.js?v=3.2.8:8:143574)
at netbox.js?v=3.2.8:9:195
at Generator.next (<anonymous>)
at netbox.js?v=3.2.8:1:1413
(anonymous) @ netbox.js?v=3.2.8:9
ln @ netbox.js?v=3.2.8:1
Promise.then (async)
cn @ netbox.js?v=3.2.8:1
(anonymous) @ netbox.js?v=3.2.8:1
Fr @ netbox.js?v=3.2.8:1
loadData @ netbox.js?v=3.2.8:9
slim.beforeOpen @ netbox.js?v=3.2.8:9
hn.open @ netbox.js?v=3.2.8:9
gn.onclick @ netbox.js?v=3.2.8:9
Related https://github.com/netbox-community/netbox/issues/9277
I believe this line is at issue https://github.com/netbox-community/netbox/blob/b318b7902753c438379c1ec19fa12b765cff5e72/netbox/project-static/src/util.ts#L100
as the compiled netbox.js
file shows:
{let{csrftoken:tn}=Zb.default.parse(document.cookie);if(typeof tn=="undefined")throw new Error("Invalid or missing CSRF token")
Somehow this line will have to be dynamically read/updated based on the CSRF_COOKIE_NAME
value.