admin/Facilitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FSN#39957 API2 bestand tegen CSRF misbruik

Browse Source 
svn path=/Website/trunk/; revision=33327
This commit is contained in:
Jos Groot Lipman
2017-03-30 09:58:40 +00:00
parent f322a277e2
commit f6f70243dc
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
APPL/SCF/scaffolding_import.inc
View File

@@ -16,8 +16,8 @@ function scaffolding_import(model, scf_params)
<head>
<% FCLTHeader.Generate() %>
<script>
//var url = "<%=scf_params.this_fullpath%>?mode=api2&format=html&id=<x%=key%x><%=transit%>";
var url = "<%=scf_params.this_fullpath%>?mode=api2&format=json<%=transit%>";
// Als ik *zeker* wist dat API2 is ingericht zou ik POSTen naar /api2/reportsx.json
var url = "<%=scf_params.this_fullpath%>?mode=api2&format=json<%=transit%>";
function importCallback(json, textStatus)
{
@@ -43,6 +43,7 @@ function scaffolding_import(model, scf_params)
type: "POST",
url: url,
data: data,
contentType:"application/json; charset=utf-8",
success: importCallback,
dataType: "json",
"headers": { "X-CSRF-TOKEN" : RVT_token }