From fa47baffb6d665e0bd100b8f35f81c324d1b0d0d Mon Sep 17 00:00:00 2001 From: Brian Picciano Date: Fri, 3 Jun 2022 13:42:59 -0600 Subject: Get rid of CSRF code in api.js --- srv/src/http/static/api.js | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/srv/src/http/static/api.js b/srv/src/http/static/api.js index a635118..55c9ecd 100644 --- a/srv/src/http/static/api.js +++ b/srv/src/http/static/api.js @@ -1,7 +1,5 @@ import * as utils from "/static/utils.js"; -const csrfTokenCookie = "csrf_token"; - const doFetch = async (req) => { let res, jsonRes; try { @@ -55,14 +53,8 @@ const call = async (route, opts = {}) => { requiresPow = false, } = opts; - if (!utils.cookies[csrfTokenCookie]) - throw `${csrfTokenCookie} cookie not set, can't make api call`; - const reqOpts = { method, - headers: { - "X-CSRF-Token": utils.cookies[csrfTokenCookie], - }, }; if (requiresPow) { @@ -92,12 +84,6 @@ const ws = async (route, opts = {}) => { const protocol = docURL.protocol == "http:" ? "ws:" : "wss:"; const fullParams = new URLSearchParams(params); - const csrfToken = utils.cookies[csrfTokenCookie]; - - if (!csrfToken) - throw `${csrfTokenCookie} cookie not set, can't make api call`; - - fullParams.set("csrfToken", csrfToken); if (requiresPow) { const {seed, solution} = await solvePow(); -- cgit v1.2.3