Created
June 2, 2021 00:02
-
-
Save kuc-arc-f/ac5909a1c13f816c2544678c8c554d09 to your computer and use it in GitHub Desktop.
sapper csrf test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script context="module"> | |
| import axios from 'axios' | |
| export async function preload() { | |
| var url ="/api/get_token"; | |
| const res = await this.fetch(url) | |
| const data = await res.json() | |
| //console.log(data) | |
| var csfr = data | |
| return {csfr}; | |
| } | |
| </script> | |
| <script> | |
| export let csfr; | |
| console.log(csfr) | |
| async function handleClick() { | |
| // alert('clicked') | |
| await valid_token() | |
| } | |
| async function valid_token(){ | |
| try { | |
| var item = { | |
| _token: csfr._token, | |
| } | |
| console.log(item) | |
| const res = await fetch( '/api/valid_csrf', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'application/json', | |
| }, | |
| body: JSON.stringify(item), | |
| }); | |
| if (res.status != 200) { | |
| throw new Error(await res.text()); | |
| } | |
| console.log(await res.json()) | |
| } catch (error) { | |
| console.error(error); | |
| } | |
| } | |
| </script> | |
| <svelte:head> | |
| <title>test</title> | |
| </svelte:head> | |
| <h1>test</h1> | |
| <p>token={csfr._token}</p> | |
| <hr /> | |
| <button on:click={handleClick}>valid_token</button> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment