fix: csrf check failed on public share with password
Signed-off-by: Luka Trovic <luka@nextcloud.com>
This commit is contained in:
parent
c08ab81334
commit
945828bf4c
|
@ -52,18 +52,3 @@ document.addEventListener('DOMContentLoaded', function() {
|
|||
}
|
||||
|
||||
});
|
||||
|
||||
// Fix error "CSRF check failed"
|
||||
document.addEventListener('DOMContentLoaded', function() {
|
||||
var form = document.getElementById('password-input-form');
|
||||
if (form) {
|
||||
form.addEventListener('submit', async function(event) {
|
||||
event.preventDefault();
|
||||
var requestToken = document.getElementById('requesttoken');
|
||||
if (requestToken) {
|
||||
requestToken.value = await OC.fetchRequestToken();
|
||||
}
|
||||
form.submit();
|
||||
});
|
||||
}
|
||||
});
|
||||
|
|
|
@ -70,7 +70,6 @@ import {
|
|||
} from './host.js'
|
||||
import {
|
||||
getToken as getRequestToken,
|
||||
fetchToken as fetchRequestToken,
|
||||
} from './requesttoken.js'
|
||||
import {
|
||||
hideMenus,
|
||||
|
@ -275,7 +274,6 @@ export default {
|
|||
redirect,
|
||||
reload,
|
||||
requestToken: getRequestToken(),
|
||||
fetchRequestToken,
|
||||
/**
|
||||
* @deprecated 19.0.0 use `linkTo` from https://www.npmjs.com/package/@nextcloud/router
|
||||
*/
|
||||
|
|
|
@ -22,8 +22,6 @@
|
|||
*/
|
||||
|
||||
import { emit } from '@nextcloud/event-bus'
|
||||
import { generateUrl } from '@nextcloud/router'
|
||||
import $ from 'jquery'
|
||||
|
||||
/**
|
||||
* @private
|
||||
|
@ -43,15 +41,6 @@ export const manageToken = (global, emit) => {
|
|||
token,
|
||||
})
|
||||
},
|
||||
fetchToken: async () => {
|
||||
const url = generateUrl('/csrftoken')
|
||||
const resp = await $.get(url)
|
||||
token = resp.token
|
||||
emit('csrf-token-update', {
|
||||
token,
|
||||
})
|
||||
return token
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -66,8 +55,3 @@ export const getToken = manageFromDocument.getToken
|
|||
* @param {string} newToken new token
|
||||
*/
|
||||
export const setToken = manageFromDocument.setToken
|
||||
|
||||
/**
|
||||
* @return {Promise<string>}
|
||||
*/
|
||||
export const fetchToken = manageFromDocument.fetchToken
|
||||
|
|
|
@ -35,6 +35,8 @@ import './jquery/index.js'
|
|||
import { initCore } from './init.js'
|
||||
import { registerAppsSlideToggle } from './OC/apps.js'
|
||||
import { getRequestToken } from '@nextcloud/auth'
|
||||
import { generateUrl } from '@nextcloud/router'
|
||||
import Axios from '@nextcloud/axios'
|
||||
|
||||
// eslint-disable-next-line camelcase
|
||||
__webpack_nonce__ = btoa(getRequestToken())
|
||||
|
@ -50,3 +52,20 @@ window.addEventListener('DOMContentLoaded', function() {
|
|||
window.onhashchange = _.bind(OC.Util.History._onPopState, OC.Util.History)
|
||||
}
|
||||
})
|
||||
|
||||
// Fix error "CSRF check failed"
|
||||
document.addEventListener('DOMContentLoaded', function() {
|
||||
const form = document.getElementById('password-input-form')
|
||||
if (form) {
|
||||
form.addEventListener('submit', async function(event) {
|
||||
event.preventDefault()
|
||||
const requestToken = document.getElementById('requesttoken')
|
||||
if (requestToken) {
|
||||
const url = generateUrl('/csrftoken')
|
||||
const resp = await Axios.get(url)
|
||||
requestToken.value = resp.data.token
|
||||
}
|
||||
form.submit()
|
||||
})
|
||||
}
|
||||
})
|
||||
|
|
Loading…
Reference in New Issue