mirror of
https://github.com/nextcloud/server.git
synced 2026-06-29 12:24:50 +02:00
cd90685af1
Prevents leaking the CSRF token to another third-party domain by mistake.
7 lines
209 B
JavaScript
7 lines
209 B
JavaScript
$(document).on('ajaxSend',function(elm, xhr, settings) {
|
|
if(settings.crossDomain === false) {
|
|
xhr.setRequestHeader('requesttoken', oc_requesttoken);
|
|
xhr.setRequestHeader('OCS-APIREQUEST', 'true');
|
|
}
|
|
});
|