feat(editor): add missing CSRF token retrieval function
Implemented a new function to fetch the CSRF token from cookies in the editor's JavaScript. This ensures secure AJAX requests by validating the client's sessions, enhancing the application's security against cross-site request forgery attacks. The addition is a crucial step towards securing forms and API calls within the editor environment.
This commit is contained in:
parent
e0130ef3c2
commit
2e819ba0a6
|
@ -6,6 +6,22 @@ import "../css/editor.css";
|
|||
|
||||
let clickTimestamp = 0;
|
||||
|
||||
// Function to get the CSRF token cookie
|
||||
function getCookie(name) {
|
||||
let cookieValue = null;
|
||||
if (document.cookie && document.cookie !== "") {
|
||||
const cookies = document.cookie.split(";");
|
||||
for (let i = 0; i < cookies.length; i++) {
|
||||
const cookie = cookies[i].trim();
|
||||
if (cookie.substring(0, name.length + 1) === name + "=") {
|
||||
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
return cookieValue;
|
||||
}
|
||||
|
||||
// Find parent quackscape-scene for ID
|
||||
function findParentScene(element) {
|
||||
var parent = element.parentElement;
|
||||
|
|
Loading…
Reference in a new issue