fix: csrf check failed on public share with password

Signed-off-by: Luka Trovic <luka@nextcloud.com>

4 files changed, 19 insertions, 33 deletions

diff --git a/core/js/publicshareauth.js b/core/js/publicshareauth.js
index c0df3de3d92..3d694c7bfd6 100644
--- a/core/js/publicshareauth.js
+++ b/core/js/publicshareauth.js
@@ -52,18 +52,3 @@ document.addEventListener('DOMContentLoaded', function() {
 	}
 
 });
-
-// Fix error "CSRF check failed"
-document.addEventListener('DOMContentLoaded', function() {
-	var form = document.getElementById('password-input-form');
-	if (form) {
-		form.addEventListener('submit', async function(event) {
-			event.preventDefault();
-			var requestToken = document.getElementById('requesttoken');
-			if (requestToken) {
-				requestToken.value = await OC.fetchRequestToken();
-			}
-			form.submit();
-		});
-	}
-});
diff --git a/core/src/OC/index.js b/core/src/OC/index.js
index 34af0b25522..33dd45a17ee 100644
--- a/core/src/OC/index.js
+++ b/core/src/OC/index.js
@@ -70,7 +70,6 @@ import {
 } from './host.js'
 import {
 	getToken as getRequestToken,
-	fetchToken as fetchRequestToken,
 } from './requesttoken.js'
 import {
 	hideMenus,
@@ -275,7 +274,6 @@ export default {
 	redirect,
 	reload,
 	requestToken: getRequestToken(),
-	fetchRequestToken,
 	/**
 	 * @deprecated 19.0.0 use `linkTo` from https://www.npmjs.com/package/@nextcloud/router
 	 */
diff --git a/core/src/OC/requesttoken.js b/core/src/OC/requesttoken.js
index 229f8ff0370..eba15e88e08 100644
--- a/core/src/OC/requesttoken.js
+++ b/core/src/OC/requesttoken.js
@@ -22,8 +22,6 @@
  */
 
 import { emit } from '@nextcloud/event-bus'
-import { generateUrl } from '@nextcloud/router'
-import $ from 'jquery'
 
 /**
  * @private
@@ -43,15 +41,6 @@ export const manageToken = (global, emit) => {
 				token,
 			})
 		},
-		fetchToken: async () => {
-			const url = generateUrl('/csrftoken')
-			const resp = await $.get(url)
-			token = resp.token
-			emit('csrf-token-update', {
-				token,
-			})
-			return token
-		},
 	}
 }
 
@@ -66,8 +55,3 @@ export const getToken = manageFromDocument.getToken
  * @param {string} newToken new token
  */
 export const setToken = manageFromDocument.setToken
-
-/**
- * @return {Promise<string>}
- */
-export const fetchToken = manageFromDocument.fetchToken
diff --git a/core/src/main.js b/core/src/main.js
index 44241ad3bb4..a4535769145 100644
--- a/core/src/main.js
+++ b/core/src/main.js
@@ -35,6 +35,8 @@ import './jquery/index.js'
 import { initCore } from './init.js'
 import { registerAppsSlideToggle } from './OC/apps.js'
 import { getRequestToken } from '@nextcloud/auth'
+import { generateUrl } from '@nextcloud/router'
+import Axios from '@nextcloud/axios'
 
 // eslint-disable-next-line camelcase
 __webpack_nonce__ = btoa(getRequestToken())
@@ -50,3 +52,20 @@ window.addEventListener('DOMContentLoaded', function() {
 		window.onhashchange = _.bind(OC.Util.History._onPopState, OC.Util.History)
 	}
 })
+
+// Fix error "CSRF check failed"
+document.addEventListener('DOMContentLoaded', function() {
+	const form = document.getElementById('password-input-form')
+	if (form) {
+		form.addEventListener('submit', async function(event) {
+			event.preventDefault()
+			const requestToken = document.getElementById('requesttoken')
+			if (requestToken) {
+				const url = generateUrl('/csrftoken')
+				const resp = await Axios.get(url)
+				requestToken.value = resp.data.token
+			}
+			form.submit()
+		})
+	}
+})