Docker/AdventureLog
Docker/AdventureLog
1
0
Fork 0
mirror of https://github.com/seanmorley15/AdventureLog.git synced 2025-08-04 04:35:19 +02:00
Code Issues Releases Activity

fix: include Referer header in user-related API requests

Browse source
This commit is contained in:
Sean Morley 2025-01-17 20:20:56 -05:00
parent 75162bbf7b
commit 1a7643b8a7
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
frontend/src/routes/settings/+page.server.ts
View file

@ -107,7 +107,8 @@ export const actions: Actions = {
const resCurrent = await fetch(`${endpoint}/auth/user-metadata/`, { const resCurrent = await fetch(`${endpoint}/auth/user-metadata/`, {
headers: { headers: {
Cookie: `sessionid=${sessionId}` Cookie: `sessionid=${sessionId}`,
Referer: event.url.origin // Include Referer header
} }
}); });
@ -158,6 +159,7 @@ export const actions: Actions = {
let res = await fetch(`${endpoint}/auth/update-user/`, { let res = await fetch(`${endpoint}/auth/update-user/`, {
method: 'PATCH', method: 'PATCH',
headers: { headers: {
Referer: event.url.origin, // Include Referer header
Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`, Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`,
'X-CSRFToken': csrfToken 'X-CSRFToken': csrfToken
}, },
@ -209,6 +211,7 @@ export const actions: Actions = {
let res = await fetch(`${endpoint}/_allauth/browser/v1/account/password/change`, { let res = await fetch(`${endpoint}/_allauth/browser/v1/account/password/change`, {
method: 'POST', method: 'POST',
headers: { headers: {
Referer: event.url.origin, // Include Referer header
Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`, Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`,
'X-CSRFToken': csrfToken, 'X-CSRFToken': csrfToken,
'Content-Type': 'application/json' 'Content-Type': 'application/json'
@ -226,6 +229,7 @@ export const actions: Actions = {
let res = await fetch(`${endpoint}/_allauth/browser/v1/account/password/change`, { let res = await fetch(`${endpoint}/_allauth/browser/v1/account/password/change`, {
method: 'POST', method: 'POST',
headers: { headers: {
Referer: event.url.origin, // Include Referer header
Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`, Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`,
'X-CSRFToken': csrfToken, 'X-CSRFToken': csrfToken,
'Content-Type': 'application/json' 'Content-Type': 'application/json'
@ -258,6 +262,7 @@ export const actions: Actions = {
let res = await fetch(`${endpoint}/auth/change-email/`, { let res = await fetch(`${endpoint}/auth/change-email/`, {
method: 'POST', method: 'POST',
headers: { headers: {
Referer: event.url.origin, // Include Referer header
Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`, Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`,
'Content-Type': 'application/json', 'Content-Type': 'application/json',
'X-CSRFToken': csrfToken 'X-CSRFToken': csrfToken