Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-29 18:16:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: pass csrf_token into calls to /register/abort, #11017

Browse Source
This commit is contained in:
Julian Lam
2022-11-09 13:20:28 -05:00
parent 55a197a7d7
commit 2f9d8c350e
3 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/controllers.js
View File

@@ -1237,8 +1237,10 @@ describe('Controllers', () => {
describe('account pages', () => {
let jar;
let csrf_token;
before(async () => {
({ jar } = await helpers.loginUser('foo', 'barbar'));
({ jar, csrf_token } = await helpers.loginUser('foo', 'barbar'));
});
it('should redirect to account page with logged in user', (done) => {
@@ -1802,7 +1804,7 @@ describe('Controllers', () => {
assert.strictEqual(res.body, '/register/complete');
await requestAsync({
uri: `${nconf.get('url')}/register/abort`,
uri: `${nconf.get('url')}/register/abort?_csrf=${csrf_token}`,
method: 'post',
jar,
simple: false,