From 3f913133037de44942aa08098425986d91ad979f Mon Sep 17 00:00:00 2001
From: Jonathan Fenske <929220+jfenske89@users.noreply.github.com>
Date: Tue, 30 Nov 2021 22:24:34 -0600
Subject: [PATCH 1/2] Update epub.js send the CSRF token when adding bookmarks
---
 cps/static/js/reading/epub.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/cps/static/js/reading/epub.js b/cps/static/js/reading/epub.js
index edafa82c..7942bfbd 100644
--- a/cps/static/js/reading/epub.js
+++ b/cps/static/js/reading/epub.js
@@ -61,11 +61,14 @@ var reader;
 this.removeBookmark(bookmark);
 }.bind(this));
 }
+
+ var csrftoken = $("input[name='csrf_token']").val();
 // Save to database
 $.ajax(calibre.bookmarkUrl, {
 method: "post",
- data: { bookmark: location || "" }
+ data: { bookmark: location || "" },
+ headers: { "X-CSRFToken": csrftoken }
 }).fail(function (xhr, status, error) {
 alert(error);
 });
From 66874f8163ef3199bc33c9888f3857475a524587 Mon Sep 17 00:00:00 2001
From: Jonathan Fenske <929220+jfenske89@users.noreply.github.com>
Date: Tue, 30 Nov 2021 22:25:45 -0600
Subject: [PATCH 2/2] Update read.html include the CSR token input
---
 cps/templates/read.html | 1 +
 1 file changed, 1 insertion(+)
diff --git a/cps/templates/read.html b/cps/templates/read.html
index 3d2566e0..1766eb1b 100644
--- a/cps/templates/read.html
+++ b/cps/templates/read.html
@@ -17,6 +17,7 @@
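Review bot: `csrftoken` in the epub.js hunk is used without checking that the lookup found anything: if the page hosting this script has no `csrf_token` input, `$("input[name='csrf_token']").val()` returns `undefined` and the bookmark POST goes out without a usable `X-CSRFToken` value, so the save is presumably rejected by the server-side CSRF check and the user only sees the raw `error` text from `alert(error)`. A guard before the `$.ajax` call, e.g. `if (!csrftoken) { console.error("csrf_token input not found; bookmark not saved"); return; }`, makes the template dependency explicit and fails with a readable message. The enclosing function starts and ends outside the hunk, so confirm nothing after the request must still run before returning early. Only this one request is given the header here; any other state-changing call in the reader that is not visible in the hunk would need the same token.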