Merge remote-tracking branch 'bookmark_csrf/master'

This commit is contained in:
Ozzie Isaacs 2021-12-14 17:59:32 +01:00
commit f0399d04b7
2 changed files with 5 additions and 1 deletions

View file

@ -61,11 +61,14 @@ var reader;
this.removeBookmark(bookmark); this.removeBookmark(bookmark);
}.bind(this)); }.bind(this));
} }
var csrftoken = $("input[name='csrf_token']").val();
// Save to database // Save to database
$.ajax(calibre.bookmarkUrl, { $.ajax(calibre.bookmarkUrl, {
method: "post", method: "post",
data: { bookmark: location || "" } data: { bookmark: location || "" },
headers: { "X-CSRFToken": csrftoken }
}).fail(function (xhr, status, error) { }).fail(function (xhr, status, error) {
alert(error); alert(error);
}); });

View file

@ -17,6 +17,7 @@
<body> <body>
<div id="sidebar"> <div id="sidebar">
<div id="panels"> <div id="panels">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
<!--input id="searchBox" placeholder="search" type="search"--> <!--input id="searchBox" placeholder="search" type="search"-->
<!--a id="show-Search" class="show_view icon-search" data-view="Search">Search</a--> <!--a id="show-Search" class="show_view icon-search" data-view="Search">Search</a-->