s434730/RandomSec
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix frontend for extensions for CSRF protections

Browse Source
This commit is contained in:
Antonin Delpeuch 2019-10-17 11:44:57 +01:00
parent 1ee5068f0d
commit aa228c43b2
5 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
extensions/database/module/scripts/index/database-import-controller.js
View File

@ -255,7 +255,7 @@ Refine.DatabaseImportController.prototype._updatePreview = function() {
$.post( $.post(
"command/core/importing-controller?" + $.param({ "command/core/importing-controller?" + $.param({
"controller": "database/database-import-controller", "controller": "database/database-import-controller",
"jobID": this._jobID, "jobID": self._jobID,
"subCommand": "parse-preview", "subCommand": "parse-preview",
"csrf_token": token "csrf_token": token
}), }),
@ -339,7 +339,7 @@ Refine.DatabaseImportController.prototype._createProject = function() {
$.post( $.post(
"command/core/importing-controller?" + $.param({ "command/core/importing-controller?" + $.param({
"controller": "database/database-import-controller", "controller": "database/database-import-controller",
"jobID": this._jobID, "jobID": self._jobID,
"subCommand": "create-project", "subCommand": "create-project",
"csrf_token": token "csrf_token": token
}), }),

6
extensions/gdata/module/scripts/index/importing-controller.js
View File

@ -322,12 +322,12 @@ Refine.GDataImportingController.prototype._updatePreview = function() {
$.post( $.post(
"command/core/importing-controller?" + $.param({ "command/core/importing-controller?" + $.param({
"controller": "gdata/gdata-importing-controller", "controller": "gdata/gdata-importing-controller",
"jobID": this._jobID, "jobID": self._jobID,
"subCommand": "parse-preview", "subCommand": "parse-preview",
"csrf_token": token "csrf_token": token
}), }),
{ {
"options" : JSON.stringify(this.getOptions()) "options" : JSON.stringify(self.getOptions())
}, },
function(result) { function(result) {
if (result.status == "ok") { if (result.status == "ok") {
@ -395,7 +395,7 @@ Refine.GDataImportingController.prototype._createProject = function() {
$.post( $.post(
"command/core/importing-controller?" + $.param({ "command/core/importing-controller?" + $.param({
"controller": "gdata/gdata-importing-controller", "controller": "gdata/gdata-importing-controller",
"jobID": this._jobID, "jobID": self._jobID,
"subCommand": "create-project", "subCommand": "create-project",
"csrf_token": token "csrf_token": token
}), }),

4
main/webapp/modules/core/scripts/index.js
View File

@ -56,8 +56,8 @@ Refine.wrapCSRF = function(onCSRF) {
Refine.postCSRF = function(url, data, success, dataType, failCallback) { Refine.postCSRF = function(url, data, success, dataType, failCallback) {
return Refine.wrapCSRF(function(token) { return Refine.wrapCSRF(function(token) {
var fullData = data || {}; var fullData = data || {};
if (typeof fulldata == 'string') { if (typeof fullData == 'string') {
fullData = fullData + $.param({csrf_token: token}); fullData = fullData + "&" + $.param({csrf_token: token});
} else { } else {
fullData['csrf_token'] = token; fullData['csrf_token'] = token;
} }

4
main/webapp/modules/core/scripts/preferences.js
View File

@ -55,8 +55,8 @@ Refine.wrapCSRF = function(onCSRF) {
Refine.postCSRF = function(url, data, success, dataType, failCallback) { Refine.postCSRF = function(url, data, success, dataType, failCallback) {
return Refine.wrapCSRF(function(token) { return Refine.wrapCSRF(function(token) {
var fullData = data || {}; var fullData = data || {};
if (typeof fulldata == 'string') { if (typeof fullData == 'string') {
fullData = fullData + $.param({csrf_token: token}); fullData = fullData + "&" + $.param({csrf_token: token});
} else { } else {
fullData['csrf_token'] = token; fullData['csrf_token'] = token;
} }

4
main/webapp/modules/core/scripts/project.js
View File

@ -420,8 +420,8 @@ Refine.wrapCSRF = function(onCSRF) {
Refine.postCSRF = function(url, data, success, dataType) { Refine.postCSRF = function(url, data, success, dataType) {
Refine.wrapCSRF(function(token) { Refine.wrapCSRF(function(token) {
var fullData = data || {}; var fullData = data || {};
if (typeof fulldata == 'string') { if (typeof fullData == 'string') {
fullData = fullData + $.param({csrf_token: token}); fullData = fullData + "&" + $.param({csrf_token: token});
} else { } else {
fullData['csrf_token'] = token; fullData['csrf_token'] = token;
} }