franzz/spot
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Implement CSRF
All checks were successful
Deploy Spot / deploy (push) Successful in 34s
Details

Browse Source
This commit is contained in:
Franzz
2026-05-28 13:22:44 +02:00
parent 8092846d6f
commit fdd0ada815
14 changed files with 129 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/components/upload.vue
View File

@@ -51,6 +51,7 @@ export default {
endpoint,
fieldName: 'files[]',
formData: true,
headers: {'X-CSRF-Token': this.consts.csrf_token},
allowedMetaFields: ['t', 'name', 'type'],
getResponseData(xhr) {
return JSON.parse(xhr.responseText || '{}');
@@ -65,7 +66,7 @@ export default {
const uploadedFiles = response?.body?.files || [];
uploadedFiles.forEach((uploadedFile) => {
const hasError = Object.prototype.hasOwnProperty.call(uploadedFile, 'error');
this.logs.push(hasError ? uploadedFile.error : this.lang.get('upload.success', [uploadedFile.name]));
this.logs.push(hasError ? uploadedFile.error : this.lang.get('upload.success', [uploadedFile.original_name || uploadedFile.name]));
if(!hasError) this.files.push({...uploadedFile, content: ''});
});
});
@@ -85,7 +86,7 @@ export default {
event.target.value = '';
},
addComment(oFile) {
this.api.get('add_comment', {
this.api.post('add_comment', {
id: oFile.id,
content: oFile.content
})
@@ -98,7 +99,7 @@ export default {
navigator.geolocation.getCurrentPosition(
(position) => {
this.logs.push('Sending position...');
this.api.get('add_position', {
this.api.post('add_position', {
'latitude': position.coords.latitude,
'longitude': position.coords.longitude,
'timestamp': Math.round(position.timestamp / 1000)