From 2e819ba0a62d648f72e42d8010ab543650fb5a32 Mon Sep 17 00:00:00 2001
From: Kumi
Date: Fri, 15 Mar 2024 15:09:43 +0100
Subject: [PATCH] feat(editor): add missing CSRF token retrieval function
Implemented a new function to fetch the CSRF token from cookies in the editor's JavaScript. This ensures secure AJAX requests by validating the client's sessions, enhancing the application's security against cross-site request forgery attacks. The addition is a crucial step towards securing forms and API calls within the editor environment.
---
 assets/js/editor.js | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/assets/js/editor.js b/assets/js/editor.js
index 55238aa..e66d606 100644
--- a/assets/js/editor.js
+++ b/assets/js/editor.js
@@ -6,6 +6,22 @@ import "../css/editor.css";
 let clickTimestamp = 0;
+// Function to get the CSRF token cookie
+function getCookie(name) {
+ let cookieValue = null;
+ if (document.cookie && document.cookie !== "") {
+ const cookies = document.cookie.split(";");
+ for (let i = 0; i < cookies.length; i++) {
+ const cookie = cookies[i].trim();
+ if (cookie.substring(0, name.length + 1) === name + "=") {
+ cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
+ break;
+ }
+ }
+ }
+ return cookieValue;
+}
+
 // Find parent quackscape-scene for ID
 function findParentScene(element) {
 var parent = element.parentElement;
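Review bot: `getCookie` has two failure paths that its callers (none are visible in this hunk) must handle: it returns `null` when the cookie is absent or is marked HttpOnly and so never appears in `document.cookie`, and `decodeURIComponent` throws a `URIError` on a value with a malformed percent-escape. A caller that passes the result straight into a request header would presumably send the literal string "null" or abort on the exception, so I would guard the decode, `try { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); } catch (e) { cookieValue = null; }`, and have callers treat a null token as an error instead of sending it. The leading comment describes the helper as CSRF-specific although it reads any cookie by name; `// Read the named cookie from document.cookie; returns null when it is absent or not readable by script.` would be more accurate. Adding the reader does not by itself protect anything: the protection rests on the server rejecting requests whose token is missing or wrong, and the token should only be attached to same-origin requests.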