TouchInstinct
/
formsy-react
302
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added CSRF token handling

This commit is contained in:
christianalfoni 2015-03-07 11:12:05 +01:00
parent 6b69c0d8d5
commit d9bf45d417
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -68,6 +68,10 @@ The main concept is that forms, inputs and validation is done very differently a
## <a name="changes">Changes</a>
**0.7.2**:
- isNumber validation now supports float (Thanks @hahahana)
- Form XHR calls now includes CSRF headers, if exists (Thanks @hahahana)
**0.7.1**
- Fixed bug where external update of value on pristine form element did not update the form model (Thanks @sdemjanenko)
- Fixed bug where children are null/undefined (Thanks @sdemjanenko)

6
src/main.js
View File

@ -56,6 +56,7 @@ var toURLEncoded = function (element, key, list) {
return list.join('&');
};
var csrfTokenSelector = document.querySelector('meta[name="csrf-token"]');
var request = function (method, url, data, contentType, headers) {
var contentType = contentType === 'urlencoded' ? 'application/' + contentType.replace('urlencoded', 'x-www-form-urlencoded') : 'application/json';
@ -68,8 +69,9 @@ var request = function (method, url, data, contentType, headers) {
xhr.setRequestHeader('Accept', 'application/json');
xhr.setRequestHeader('Content-Type', contentType);
var csrfTokenSelector = document.querySelector('meta[name="csrf-token"]');
if (!! csrfTokenSelector && !! csrfTokenSelector.content) xhr.setRequestHeader('X-CSRF-Token', csrfTokenSelector.content);
if (!!csrfTokenSelector && !!csrfTokenSelector.content) {
xhr.setRequestHeader('X-CSRF-Token', csrfTokenSelector.content);
}
// Add passed headers
Object.keys(headers).forEach(function (header) {