perso/syncthing-arm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gui: Set CSRF stuff earlier (fixes #3138)

Browse Source 
We need to set these properties *before* Angular starts making requests,
and doing that from the response to a request is too late. The obvious
choice (to me) would be to use the angular $cookies service, but that
service isn't available until after initialization so we can't use it.
Instead, add a special file that is loaded by index.html and includes
the info we need before the JS app even starts running.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/3152
This commit is contained in:
Jakob Borg
2016-05-22 10:26:09 +00:00
committed by Audrius Butkevicius
parent 00be2bf18d
commit 4bc2b3f369
3 changed files with 15 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
gui/default/syncthing/app.js
View File

@@ -23,31 +23,9 @@ var syncthing = angular.module('syncthing', [
var urlbase = 'rest';
syncthing.config(function ($httpProvider, $translateProvider, LocaleServiceProvider) {
$httpProvider.interceptors.push(function xHeadersResponseInterceptor() {
var deviceId = null;
return {
response: function onResponse(response) {
var headers = response.headers();
// angular template cache sends no headers
if(Object.keys(headers).length === 0) {
return response;
}
if (!deviceId) {
deviceId = headers['x-syncthing-id'];
if (deviceId) {
var deviceIdShort = deviceId.substring(0, 5);
$httpProvider.defaults.xsrfHeaderName = 'X-CSRF-Token-' + deviceIdShort;
$httpProvider.defaults.xsrfCookieName = 'CSRF-Token-' + deviceIdShort;
}
}
return response;
}
};
});
var deviceIDShort = metadata.deviceID.substr(0, 5);
$httpProvider.defaults.xsrfHeaderName = 'X-CSRF-Token-' + deviceIDShort;
$httpProvider.defaults.xsrfCookieName = 'CSRF-Token-' + deviceIDShort;
// language and localisation
@@ -59,7 +37,6 @@ syncthing.config(function ($httpProvider, $translateProvider, LocaleServiceProvi
LocaleServiceProvider.setAvailableLocales(validLangs);
LocaleServiceProvider.setDefaultLocale('en');
});
// @TODO: extract global level functions into separate service(s)