yetangitu/OpenSTF
1
0
Fork 0
mirror of https://github.com/openstf/stf synced 2025-10-06 03:50:04 +02:00
Code Issues Releases Wiki Activity

Exclude dummy endpoint from CSRF check. It's used as a hack to enable autocomplete on certain fields.

Browse source
This commit is contained in:
Simo Kinnunen 2015-07-10 15:43:54 +09:00
parent b72943bc4d
commit 48b3d66d90
1 changed files with 7 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
lib/units/app/index.js
View file

@ -82,6 +82,13 @@ module.exports = function(options) {
, authUrl: options.authUrl
}))
// This needs to be before the csrf() middleware or we'll get nasty
// errors in the logs. The dummy endpoint is a hack used to enable
// autocomplete on some text fields.
app.all('/app/api/v1/dummy', function(req, res) {
res.send('OK')
})
app.use(bodyParser.json())
app.use(csrf())
app.use(validator())
@ -91,10 +98,6 @@ module.exports = function(options) {
next()
})
app.all('/app/api/v1/dummy', function(req, res) {
res.send('')
})
app.get('/', function(req, res) {
res.render('index')
})