feat(editor): add missing CSRF token retrieval function
Implemented a new function to fetch the CSRF token from cookies in the editor's JavaScript. This ensures secure AJAX requests by validating the client's sessions, enhancing the application's security against cross-site request forgery attacks. The addition is a crucial step towards securing forms and API calls within the editor environment.
This commit is contained in:
parent
e0130ef3c2
commit
2e819ba0a6
1 changed files with 16 additions and 0 deletions
|
@ -6,6 +6,22 @@ import "../css/editor.css";
|
||||||
|
|
||||||
let clickTimestamp = 0;
|
let clickTimestamp = 0;
|
||||||
|
|
||||||
|
// Function to get the CSRF token cookie
|
||||||
|
function getCookie(name) {
|
||||||
|
let cookieValue = null;
|
||||||
|
if (document.cookie && document.cookie !== "") {
|
||||||
|
const cookies = document.cookie.split(";");
|
||||||
|
for (let i = 0; i < cookies.length; i++) {
|
||||||
|
const cookie = cookies[i].trim();
|
||||||
|
if (cookie.substring(0, name.length + 1) === name + "=") {
|
||||||
|
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return cookieValue;
|
||||||
|
}
|
||||||
|
|
||||||
// Find parent quackscape-scene for ID
|
// Find parent quackscape-scene for ID
|
||||||
function findParentScene(element) {
|
function findParentScene(element) {
|
||||||
var parent = element.parentElement;
|
var parent = element.parentElement;
|
||||||
|
|
Loading…
Reference in a new issue