Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-27 09:06:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

test: don't use csrf_token for get,head, options

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2021-12-14 14:44:05 -05:00
parent 4577600e98
commit 5e08f7e604
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
test/helpers/index.js
View File

@@ -21,11 +21,19 @@ helpers.getCsrfToken = async (jar) => {
}; };
helpers.request = async function (method, uri, options) { helpers.request = async function (method, uri, options) {
const csrf_token = await helpers.getCsrfToken(options.jar); const ignoreMethods = ['GET', 'HEAD', 'OPTIONS'];
const lowercaseMethod = String(method).toLowerCase();
let csrf_token;
if (!ignoreMethods.some(method => method.toLowerCase() === lowercaseMethod)) {
csrf_token = await helpers.getCsrfToken(options.jar);
}
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
options.headers = options.headers || {}; options.headers = options.headers || {};
if (csrf_token) {
options.headers['x-csrf-token'] = csrf_token; options.headers['x-csrf-token'] = csrf_token;
request[method](`${nconf.get('url')}${uri}`, options, (err, res, body) => { }
request[lowercaseMethod](`${nconf.get('url')}${uri}`, options, (err, res, body) => {
if (err) reject(err); if (err) reject(err);
else resolve({ res, body }); else resolve({ res, body });
}); });