diff options
| author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2018-02-26 17:13:23 +0100 |
|---|---|---|
| committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2018-03-08 16:48:50 +0100 |
| commit | b9720703e8afa26fd42d1bb7cc8fbf54ba2eeeae (patch) | |
| tree | c5165cb03841c8d814a361d0fd41170474490711 /core/js/js.js | |
| parent | cccf6f4d5f18ad01ff5fcd296d7b8411c1e11139 (diff) | |
| download | nextcloud-server-b9720703e8afa26fd42d1bb7cc8fbf54ba2eeeae.tar.gz nextcloud-server-b9720703e8afa26fd42d1bb7cc8fbf54ba2eeeae.zip | |
Add CSRF token controller to retrieve the current CSRF token
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'core/js/js.js')
| -rw-r--r-- | core/js/js.js | 37 |
1 files changed, 16 insertions, 21 deletions
diff --git a/core/js/js.js b/core/js/js.js index 3c6ababf764..26dbbdb6e63 100644 --- a/core/js/js.js +++ b/core/js/js.js @@ -1366,34 +1366,29 @@ function initCore() { }); /** - * Calls the server periodically to ensure that session doesn't - * time out + * Calls the server periodically to ensure that session and CSRF + * token doesn't expire */ - function initSessionHeartBeat(){ - // max interval in seconds set to 24 hours - var maxInterval = 24 * 3600; + function initSessionHeartBeat() { // interval in seconds var interval = 900; if (oc_config.session_lifetime) { interval = Math.floor(oc_config.session_lifetime / 2); } // minimum one minute - if (interval < 60) { - interval = 60; - } - if (interval > maxInterval) { - interval = maxInterval; - } - var url = OC.generateUrl('/heartbeat'); - var heartBeatTimeout = null; - var heartBeat = function() { - clearInterval(heartBeatTimeout); - heartBeatTimeout = setInterval(function() { - $.post(url); - }, interval * 1000); - }; - $(document).ajaxComplete(heartBeat); - heartBeat(); + interval = Math.max(60, interval); + // max interval in seconds set to 24 hours + interval = Math.min(24 * 3600, interval); + + var url = OC.generateUrl('/csrftoken'); + setInterval(function() { + $.ajax(url).then(function(resp) { + oc_requesttoken = resp.token; + OC.requestToken = resp.token; + }).fail(function(e) { + console.error('session heartbeat failed', e); + }); + }, interval * 1000); } // session heartbeat (defaults to enabled) |