klbr/khoj
1
0
Fork 0
mirror of https://github.com/khoaliber/khoj.git synced 2026-03-06 05:39:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add call to use X-CSRFToken in relevant POST methods

Browse Source
This commit is contained in:
sabaimran
2023-06-26 12:38:00 -07:00
parent 35e24d7851
commit ddd550e6f4
4 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/khoj/interface/web/config.html
View File

@@ -98,8 +98,13 @@
event.preventDefault(); event.preventDefault();
configure.disabled = true; configure.disabled = true;
configure.innerHTML = "Configuring..."; configure.innerHTML = "Configuring...";
const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
fetch('/api/update?force=true&client=web', { fetch('/api/update?force=true&client=web', {
method: 'GET', method: 'GET',
headers: {
'Content-Type': 'application/json',
'X-CSRFToken': csrfToken
}
}) })
.then(response => response.json()) .then(response => response.json())
.then(data => { .then(data => {

2
src/khoj/interface/web/content_type_github_input.html
View File

@@ -79,10 +79,12 @@
var repo_name = document.getElementById("repo-name").value; var repo_name = document.getElementById("repo-name").value;
var repo_branch = document.getElementById("repo-branch").value; var repo_branch = document.getElementById("repo-branch").value;
const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
fetch('/api/config/data/content_type/github', { fetch('/api/config/data/content_type/github', {
method: 'POST', method: 'POST',
headers: { headers: {
'Content-Type': 'application/json', 'Content-Type': 'application/json',
'X-CSRFToken': csrfToken,
}, },
body: JSON.stringify({ body: JSON.stringify({
"pat_token": pat_token, "pat_token": pat_token,

2
src/khoj/interface/web/content_type_input.html
View File

@@ -131,10 +131,12 @@
var embeddings_file = document.getElementById("embeddings-file").value; var embeddings_file = document.getElementById("embeddings-file").value;
var index_heading_entries = document.getElementById("index-heading-entries").value; var index_heading_entries = document.getElementById("index-heading-entries").value;
const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
fetch('/api/config/data/content_type/{{ content_type }}', { fetch('/api/config/data/content_type/{{ content_type }}', {
method: 'POST', method: 'POST',
headers: { headers: {
'Content-Type': 'application/json', 'Content-Type': 'application/json',
'X-CSRFToken': csrfToken
}, },
body: JSON.stringify({ body: JSON.stringify({
"input_files": input_files, "input_files": input_files,

2
src/khoj/interface/web/processor_conversation_input.html
View File

@@ -61,10 +61,12 @@
var model = document.getElementById("model").value; var model = document.getElementById("model").value;
var chat_model = document.getElementById("chat-model").value; var chat_model = document.getElementById("chat-model").value;
const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
fetch('/api/config/data/processor/conversation', { fetch('/api/config/data/processor/conversation', {
method: 'POST', method: 'POST',
headers: { headers: {
'Content-Type': 'application/json', 'Content-Type': 'application/json',
'X-CSRFToken': csrfToken
}, },
body: JSON.stringify({ body: JSON.stringify({
"openai_api_key": openai_api_key, "openai_api_key": openai_api_key,