Merge pull request #7878 from opf/feature/31618-Enable-quote-creation-from-website

Do not override `withCredentials` params when set

[ci skip]
pull/7892/head
Oliver Günther 5 years ago committed by GitHub
commit 952952fe42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 5
      frontend/src/app/components/work-packages/work-package.service.ts
  2. 3
      frontend/src/app/modules/hal/dm-services/query-order-dm.service.ts
  3. 31
      frontend/src/app/modules/hal/http/openproject-header-interceptor.ts

@ -56,7 +56,10 @@ export class WorkPackageService {
'ids[]': ids
};
const promise = this.http
.delete(this.PathHelper.workPackagesBulkDeletePath(), {params: params})
.delete(
this.PathHelper.workPackagesBulkDeletePath(),
{params: params, withCredentials: true}
)
.toPromise();
if (defaultHandling) {

@ -51,7 +51,8 @@ export class QueryOrderDmService {
return this.http
.patch(
this.orderPath(id),
{ delta: delta }
{ delta: delta },
{ withCredentials: true }
)
.toPromise()
.then((response:{t:string}) => response.t);

@ -10,21 +10,26 @@ export class OpenProjectHeaderInterceptor implements HttpInterceptor {
intercept(req:HttpRequest<any>, next:HttpHandler):Observable<HttpEvent<any>> {
const csrf_token:string|undefined = jQuery('meta[name=csrf-token]').attr('content');
let newHeaders = req.headers
.set('X-Authentication-Scheme', 'Session')
.set('X-Requested-With', 'XMLHttpRequest');
if (req.withCredentials !== false) {
if (csrf_token) {
newHeaders = newHeaders.set('X-CSRF-TOKEN', csrf_token);
}
let newHeaders = req.headers
.set('X-Authentication-Scheme', 'Session')
.set('X-Requested-With', 'XMLHttpRequest');
if (csrf_token) {
newHeaders = newHeaders.set('X-CSRF-TOKEN', csrf_token);
}
// Clone the request to add the new header
const clonedRequest = req.clone({
withCredentials: true,
headers: newHeaders
});
// Clone the request to add the new header
const clonedRequest = req.clone({
withCredentials: true,
headers: newHeaders
});
// Pass the cloned request instead of the original request to the next handle
return next.handle(clonedRequest);
}
// Pass the cloned request instead of the original request to the next handle
return next.handle(clonedRequest);
return next.handle(req);
}
}

Loading…
Cancel
Save