Do not set CSRF Token when no csrf header (#10383)

author: Hinaloe <hina@hinaloe.net> 2019-03-26 19:13:20 +0900
committer: Eugen Rochko <eugen@zeonfederated.com> 2019-03-26 11:13:20 +0100
commit: 68f2211f00dfa3f823ad780ed748c1af0078a0cf (patch)
tree: b6ec02cafff51373a71c91ff0a77b6446c15e52e
parent: 792a0f106e04daff29304054a8cf0adaef0d6fe6 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/app/javascript/mastodon/api.js b/app/javascript/mastodon/api.js
index 4be3eadb0..98d59de43 100644
--- a/app/javascript/mastodon/api.js
+++ b/app/javascript/mastodon/api.js
@@ -13,10 +13,14 @@ export const getLinks = response => {
 };
 
 let csrfHeader = {};
+
 function setCSRFHeader() {
-  const csrfToken = document.querySelector('meta[name=csrf-token]').content;
-  csrfHeader['X-CSRF-Token'] = csrfToken;
+  const csrfToken = document.querySelector('meta[name=csrf-token]');
+  if (csrfToken) {
+    csrfHeader['X-CSRF-Token'] = csrfToken.content;
+  }
 }
+
 ready(setCSRFHeader);
 
 export default getState => axios.create({
author	Hinaloe <hina@hinaloe.net>	2019-03-26 19:13:20 +0900
committer	Eugen Rochko <eugen@zeonfederated.com>	2019-03-26 11:13:20 +0100
commit	68f2211f00dfa3f823ad780ed748c1af0078a0cf (patch)
tree	b6ec02cafff51373a71c91ff0a77b6446c15e52e
parent	792a0f106e04daff29304054a8cf0adaef0d6fe6 (diff)