diff options
author | Mike Greiling <mike@pixelcog.com> | 2019-03-11 22:33:22 +0300 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-03-12 00:39:41 +0300 |
commit | 5b2b56185dd28a5bc3b1b420c5e87cea32724f73 (patch) | |
tree | 35bc9713a068d094605efd28211fe214ad7a4c08 /app | |
parent | 821ca59c213732d2120c2d767ce0b30560057a4c (diff) |
Merge branch 'tz-remove-csrf-token-for-emojis-json' into 'master'
Removes the CSRF token if the emojis.json is on a CDN
Closes #58784
See merge request gitlab-org/gitlab-ce!25979
(cherry picked from commit fcf632ef99fee06de42216e769ddfeb28967f17c)
cf2b0dc5 Removes the CSRF token if the emojis.json is on a CDN
Diffstat (limited to 'app')
-rw-r--r-- | app/assets/javascripts/emoji/index.js | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/app/assets/javascripts/emoji/index.js b/app/assets/javascripts/emoji/index.js index 36542315c4c..bb5085a1911 100644 --- a/app/assets/javascripts/emoji/index.js +++ b/app/assets/javascripts/emoji/index.js @@ -3,6 +3,7 @@ import createFlash from '~/flash'; import { s__ } from '~/locale'; import emojiAliases from 'emojis/aliases.json'; import axios from '../lib/utils/axios_utils'; +import csrf from '../lib/utils/csrf'; import AccessorUtilities from '../lib/utils/accessor'; @@ -24,7 +25,14 @@ export function initEmojiMap() { resolve(emojiMap); } else { // We load the JSON from server - axios + const axiosInstance = axios.create(); + + // If the static JSON file is on a CDN we don't want to send the default CSRF token + if (gon.asset_host) { + delete axiosInstance.defaults.headers.common[csrf.headerKey]; + } + + axiosInstance .get( `${gon.asset_host || ''}${gon.relative_url_root || ''}/-/emojis/${EMOJI_VERSION}/emojis.json`, |