diff options
Diffstat (limited to 'apps/comments/src/services/DavClient.js')
| -rw-r--r-- | apps/comments/src/services/DavClient.js | 49 |
1 files changed, 19 insertions, 30 deletions
diff --git a/apps/comments/src/services/DavClient.js b/apps/comments/src/services/DavClient.js index ee5aec129c1..3e9a529283f 100644 --- a/apps/comments/src/services/DavClient.js +++ b/apps/comments/src/services/DavClient.js @@ -1,38 +1,27 @@ /** - * @copyright Copyright (c) 2021 John Molakvoæ <skjnldsv@protonmail.com> - * - * @author John Molakvoæ <skjnldsv@protonmail.com> - * - * @license AGPL-3.0-or-later - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ -import { createClient, getPatcher } from 'webdav' -import axios from '@nextcloud/axios' - -import { getRootPath } from '../utils/davUtils' - -// Add this so the server knows it is an request from the browser -axios.defaults.headers['X-Requested-With'] = 'XMLHttpRequest' - -// force our axios -const patcher = getPatcher() -patcher.patch('request', axios) +import { createClient } from 'webdav' +import { getRootPath } from '../utils/davUtils.js' +import { getRequestToken, onRequestTokenUpdate } from '@nextcloud/auth' // init webdav client const client = createClient(getRootPath()) +// set CSRF token header +const setHeaders = (token) => { + client.setHeaders({ + // Add this so the server knows it is an request from the browser + 'X-Requested-With': 'XMLHttpRequest', + // Inject user auth + requesttoken: token ?? '', + }) +} + +// refresh headers when request token changes +onRequestTokenUpdate(setHeaders) +setHeaders(getRequestToken()) + export default client |