mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-16 19:33:11 +02:00
Feature/save signs (#2127)
* apply fix * Fixes empty th:action * Update build.gradle * fix * formatting * Save signatures * Fix code scanning alert no. 42: Uncontrolled data used in path expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix UserServiceInterface * Merge branch 'feature/saveSigns' of [email protected]:Stirling-Tools/Stirling-PDF.git into feature/saveSigns * 0.31.0 bump and further csrf * formatting * preview name * add * sign doc * Update translation files (#2128) Signed-off-by: GitHub Action <[email protected]> Co-authored-by: GitHub Action <[email protected]> --------- Signed-off-by: GitHub Action <[email protected]> Co-authored-by: Dimitrios Kaitantzidis <[email protected]> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: a <a> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: GitHub Action <[email protected]>
This commit is contained in:
co-authored by
Dimitrios Kaitantzidis
Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
a <a>
github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
GitHub Action
parent
ed75fa4e1b
commit
27d2681a97
@@ -0,0 +1,29 @@
|
||||
window.fetchWithCsrf = async function(url, options = {}) {
|
||||
function getCsrfToken() {
|
||||
const cookieValue = document.cookie
|
||||
.split('; ')
|
||||
.find(row => row.startsWith('XSRF-TOKEN='))
|
||||
?.split('=')[1];
|
||||
|
||||
if (cookieValue) {
|
||||
return cookieValue;
|
||||
}
|
||||
|
||||
const csrfElement = document.querySelector('input[name="_csrf"]');
|
||||
return csrfElement ? csrfElement.value : null;
|
||||
}
|
||||
|
||||
// Create a new options object to avoid modifying the passed object
|
||||
const fetchOptions = { ...options };
|
||||
|
||||
// Ensure headers object exists
|
||||
fetchOptions.headers = { ...options.headers };
|
||||
|
||||
// Add CSRF token if available
|
||||
const csrfToken = getCsrfToken();
|
||||
if (csrfToken) {
|
||||
fetchOptions.headers['X-XSRF-TOKEN'] = csrfToken;
|
||||
}
|
||||
|
||||
return fetch(url, fetchOptions);
|
||||
}
|
||||
@@ -119,7 +119,7 @@ document.getElementById("submitConfigBtn").addEventListener("click", function ()
|
||||
formData.append("json", pipelineConfigJson);
|
||||
console.log("formData", formData);
|
||||
|
||||
fetch("api/v1/pipeline/handleData", {
|
||||
fetchWithCsrf("api/v1/pipeline/handleData", {
|
||||
method: "POST",
|
||||
body: formData,
|
||||
})
|
||||
@@ -154,7 +154,7 @@ let apiDocs = {};
|
||||
let apiSchemas = {};
|
||||
let operationSettings = {};
|
||||
|
||||
fetch("v1/api-docs")
|
||||
fetchWithCsrf("v1/api-docs")
|
||||
.then((response) => response.json())
|
||||
.then((data) => {
|
||||
apiDocs = data.paths;
|
||||
|
||||
Reference in New Issue
Block a user