Implement CSRF_COOKIE_HTTPONLY option support
Proposed patch allows passing of CSRF token as hidden input in template. Without it, turning on of CSRF_COOKIE_HTTPONLY severely degrades Horizon functionality. Change-Id: I1b1db496c31e6c64d0c205189e845c2cc0c09184 Closes-bug: #1819423
This commit is contained in:
parent
782cb2f22d
commit
e37a508636
|
@ -112,7 +112,8 @@
|
||||||
$route
|
$route
|
||||||
) {
|
) {
|
||||||
|
|
||||||
$http.defaults.headers.post['X-CSRFToken'] = $cookies.csrftoken;
|
$http.defaults.headers.post['X-CSRFToken'] = $cookies.csrftoken ||
|
||||||
|
$('input[name="csrfmiddlewaretoken"]').val();
|
||||||
|
|
||||||
// expose the legacy utils module
|
// expose the legacy utils module
|
||||||
horizon.utils = hzUtils;
|
horizon.utils = hzUtils;
|
||||||
|
|
Loading…
Reference in New Issue