aboutsummaryrefslogtreecommitdiffstats
path: root/interface
diff options
context:
space:
mode:
authorAndrew Lewis <nerf@judo.za.org>2016-04-15 19:09:30 +0200
committerAndrew Lewis <nerf@judo.za.org>2016-04-15 19:14:19 +0200
commit5c71b574aba4af3203358284a716061353c521bc (patch)
tree9d1725f56f91970fa2c42776f803a7db5ba7fe4f /interface
parentc4afeadd05ba7b8d21dbe469f424594b62949f00 (diff)
downloadrspamd-5c71b574aba4af3203358284a716061353c521bc.tar.gz
rspamd-5c71b574aba4af3203358284a716061353c521bc.zip
[Fix] Make web interface not send password in query strings (#585)
Diffstat (limited to 'interface')
-rw-r--r--interface/js/rspamd.js36
1 files changed, 18 insertions, 18 deletions
diff --git a/interface/js/rspamd.js b/interface/js/rspamd.js
index 3d6484cd8..2fcc6bfc3 100644
--- a/interface/js/rspamd.js
+++ b/interface/js/rspamd.js
@@ -78,8 +78,8 @@
dataType: 'json',
type: 'GET',
url: 'auth',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
success: function (data) {
if (data.auth === 'failed') {
@@ -94,8 +94,8 @@
dataType: 'json',
type: 'GET',
url: 'auth',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
success: function (data) {
saveCredentials(data, password);
@@ -180,8 +180,8 @@
$.ajax({
dataType: 'json',
url: 'maps',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
error: function () {
alertMessage('alert-modal alert-error', data.statusText);
@@ -374,8 +374,8 @@
dataType: 'json',
type: 'GET',
url: 'pie',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
success: function (data) {
if (pie) {
@@ -484,8 +484,8 @@
$.ajax({
dataType: 'json',
url: 'history',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
error: function () {
alertMessage('alert-error', 'Cannot receive history');
@@ -549,8 +549,8 @@
dataType: 'json',
type: 'GET',
url: 'symbols',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
success: function (data) {
$('#modalBody').empty();
@@ -608,8 +608,8 @@
dataType: 'json',
type: 'GET',
url: 'historyreset',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
success: function (data) {
getHistory();
@@ -907,8 +907,8 @@
dataType: 'json',
type: 'GET',
url: 'actions',
- data: {
- password: getPassword()
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', getPassword());
},
success: function (data) {
// Order of sliders greylist -> probable spam -> spam
@@ -1081,8 +1081,8 @@
dataType: 'json',
type: 'GET',
url: 'auth',
- data: {
- password: password
+ beforeSend: function (xhr) {
+ xhr.setRequestHeader('Password', password);
},
success: function (data) {
if (data.auth === 'failed') {