From a46c97bd7936ea8793618bb54ce19ac32c61f71d Mon Sep 17 00:00:00 2001 From: Leif Åstrand Date: Thu, 25 Apr 2013 12:45:45 +0300 Subject: Verify CSRF token before accepting new CSRF connection (#11635) * Can't open push connection during client-side init because CSRF token is not available at that point. This allows simplifying the initialization because the push state will not be checked until the first response has been processed. * Add helper for checking the CSRF token Change-Id: I31da1ac669dc9a581cbd66f58c07f10ea4b8b676 --- WebContent/VAADIN/vaadinBootstrap.js | 6 ------ 1 file changed, 6 deletions(-) (limited to 'WebContent') diff --git a/WebContent/VAADIN/vaadinBootstrap.js b/WebContent/VAADIN/vaadinBootstrap.js index ae50289477..b2995dd0bd 100644 --- a/WebContent/VAADIN/vaadinBootstrap.js +++ b/WebContent/VAADIN/vaadinBootstrap.js @@ -120,12 +120,6 @@ url += '&theme=' + encodeURIComponent(theme); } - // Tell the UI what pushMode it is configured to use - var pushMode = getConfig('pushMode'); - if (pushMode !== undefined) { - url += '&v-pushMode=' + encodeURIComponent(pushMode); - } - var extraParams = getConfig('extraParams') if (extraParams !== undefined) { url += extraParams; -- cgit v1.2.3