diff options
| author | George Claghorn <george.claghorn@gmail.com> | 2018-12-27 17:21:41 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-12-27 17:21:41 -0500 |
| commit | 75d0a46b6c836dc57b9f78760b1277a242010b52 (patch) | |
| tree | 4b0ca6d6da5ad1d147e6a36febe55c3ea875c296 /activestorage/app/javascript | |
| parent | 4ae8d6182fd9351b9451003f9380d8855f3f5a94 (diff) | |
| parent | 372dda2a2950ad3ae5cf744ed8e3caa69a7ed44b (diff) | |
| download | rails-75d0a46b6c836dc57b9f78760b1277a242010b52.tar.gz rails-75d0a46b6c836dc57b9f78760b1277a242010b52.tar.bz2 rails-75d0a46b6c836dc57b9f78760b1277a242010b52.zip | |
Merge pull request #34810 from cbothner/activestorage-no-undefined-csrf-header
ActiveStorage: Don’t include an undefined X-CSRF-Token header when creating a blob record
Diffstat (limited to 'activestorage/app/javascript')
| -rw-r--r-- | activestorage/app/javascript/activestorage/blob_record.js | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/activestorage/app/javascript/activestorage/blob_record.js b/activestorage/app/javascript/activestorage/blob_record.js index ff847892b2..7fbe315f76 100644 --- a/activestorage/app/javascript/activestorage/blob_record.js +++ b/activestorage/app/javascript/activestorage/blob_record.js @@ -17,7 +17,12 @@ export class BlobRecord { this.xhr.setRequestHeader("Content-Type", "application/json") this.xhr.setRequestHeader("Accept", "application/json") this.xhr.setRequestHeader("X-Requested-With", "XMLHttpRequest") - this.xhr.setRequestHeader("X-CSRF-Token", getMetaValue("csrf-token")) + + const csrfToken = getMetaValue("csrf-token") + if (csrfToken != undefined) { + this.xhr.setRequestHeader("X-CSRF-Token", csrfToken) + } + this.xhr.addEventListener("load", event => this.requestDidLoad(event)) this.xhr.addEventListener("error", event => this.requestDidError(event)) } |