Skip to content
Extraits de code Groupes Projets
Sélectionner une révision Git
2 résultats
Blame Lien permanent
  • John Edmonds's avatar
    8a44b384
    Add CSRF token to forms generated by fileuploader. · 8a44b384
    John Edmonds a rédigé 
    Diaspora added an X-CSRF-Token header to XHR made by fileupload.
Since fileupload doesn't think Opera supports XHR, it builds a form and submits that instead.
By adding a hidden authenticity_token to the form, Opera can submit the form without logging the user out.
    8a44b384
    Historique
    Add CSRF token to forms generated by fileuploader.
    John Edmonds a rédigé 
    Diaspora added an X-CSRF-Token header to XHR made by fileupload.
Since fileupload doesn't think Opera supports XHR, it builds a form and submits that instead.
By adding a hidden authenticity_token to the form, Opera can submit the form without logging the user out.