Implement CSRF_COOKIE_HTTPONLY option support

Proposed patch allows passing of CSRF token as hidden input in template.
Without it, turning on of CSRF_COOKIE_HTTPONLY severely degrades Horizon
functionality.

Change-Id: I1b1db496c31e6c64d0c205189e845c2cc0c09184
Closes-bug: #1819423
This commit is contained in:
vmarkov 2019-03-06 16:57:09 +02:00 committed by BubaVV
parent 782cb2f22d
commit e37a508636
1 changed files with 2 additions and 1 deletions

View File

@ -112,7 +112,8 @@
$route
) {
$http.defaults.headers.post['X-CSRFToken'] = $cookies.csrftoken;
$http.defaults.headers.post['X-CSRFToken'] = $cookies.csrftoken ||
$('input[name="csrfmiddlewaretoken"]').val();
// expose the legacy utils module
horizon.utils = hzUtils;