diff --git a/server/api/api.go b/server/api/api.go index 4953504b3..41d3d85e0 100644 --- a/server/api/api.go +++ b/server/api/api.go @@ -55,6 +55,8 @@ func (a *API) RegisterRoutes(r *mux.Router) { apiv1.HandleFunc("/login", a.handleLogin).Methods("POST") apiv1.HandleFunc("/register", a.handleRegister).Methods("POST") + apiv1.HandleFunc("/files", a.sessionRequired(a.handleUploadFile)).Methods("POST") + apiv1.HandleFunc("/blocks/export", a.sessionRequired(a.handleExport)).Methods("GET") apiv1.HandleFunc("/blocks/import", a.sessionRequired(a.handleImport)).Methods("POST") @@ -64,12 +66,9 @@ func (a *API) RegisterRoutes(r *mux.Router) { apiv1.HandleFunc("/workspace", a.sessionRequired(a.handleGetWorkspace)).Methods("GET") apiv1.HandleFunc("/workspace/regenerate_signup_token", a.sessionRequired(a.handlePostWorkspaceRegenerateSignupToken)).Methods("POST") - // Files API + // Get Files API files := r.PathPrefix("/files/").Subrouter() - files.Use(a.requireCSRFToken) - - files.HandleFunc("/", a.sessionRequired(a.handleUploadFile)).Methods("POST") files.HandleFunc("/{filename}", a.sessionRequired(a.handleServeFile)).Methods("GET") } diff --git a/webapp/src/octoClient.ts b/webapp/src/octoClient.ts index b6b45346a..8ae7fa538 100644 --- a/webapp/src/octoClient.ts +++ b/webapp/src/octoClient.ts @@ -232,14 +232,14 @@ class OctoClient { formData.append('file', file) try { + const headers = this.headers() as Record + + // TIPTIP: Leave out Content-Type here, it will be automatically set by the browser + delete headers['Content-Type'] + const response = await fetch(this.serverUrl + '/api/v1/files', { method: 'POST', - - // TIPTIP: Leave out Content-Type here, it will be automatically set by the browser - headers: { - Accept: 'application/json', - Authorization: this.token ? 'Bearer ' + this.token : '', - }, + headers, body: formData, }) if (response.status !== 200) {