viveksantayana/ska-referee-test
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases 19 Wiki Activity

Added CSRF protection to all ajax requests

Browse Source
This commit is contained in:
Vivek Santayana
2021-11-29 09:13:21 +00:00
parent 0c3199515b
commit 82b16ec9fb
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ref-test/admin/templates/admin/components/base.html
View File

@@ -53,6 +53,17 @@
crossorigin="anonymous" crossorigin="anonymous"
></script> ></script>
<!-- Custom js --> <!-- Custom js -->
<script type="text/javascript">
var csrf_token = "{{ csrf_token() }}";
$.ajaxSetup({
beforeSend: function(xhr, settings) {
if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) {
xhr.setRequestHeader("X-CSRFToken", csrf_token);
}
}
});
</script>
<script <script
type="text/javascript" type="text/javascript"
src="{{ url_for('.static', filename='js/script.js') }}" src="{{ url_for('.static', filename='js/script.js') }}"

11
ref-test/quiz/templates/quiz/components/base.html
View File

@@ -51,6 +51,17 @@
crossorigin="anonymous" crossorigin="anonymous"
></script> ></script>
<!-- Custom js --> <!-- Custom js -->
<script type="text/javascript">
var csrf_token = "{{ csrf_token() }}";
$.ajaxSetup({
beforeSend: function(xhr, settings) {
if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) {
xhr.setRequestHeader("X-CSRFToken", csrf_token);
}
}
});
</script>
<script <script
type="text/javascript" type="text/javascript"
src="{{ url_for('.static', filename='js/script.js') }}" src="{{ url_for('.static', filename='js/script.js') }}"