about summary refs log tree commit diff
path: root/app/javascript
diff options
context:
space:
mode:
authorHinaloe <hina@hinaloe.net>2019-03-26 19:13:20 +0900
committerEugen Rochko <eugen@zeonfederated.com>2019-03-26 11:13:20 +0100
commit68f2211f00dfa3f823ad780ed748c1af0078a0cf (patch)
treeb6ec02cafff51373a71c91ff0a77b6446c15e52e /app/javascript
parent792a0f106e04daff29304054a8cf0adaef0d6fe6 (diff)
Do not set CSRF Token when no csrf header (#10383)
Diffstat (limited to 'app/javascript')
-rw-r--r--app/javascript/mastodon/api.js8
1 files changed, 6 insertions, 2 deletions
diff --git a/app/javascript/mastodon/api.js b/app/javascript/mastodon/api.js
index 4be3eadb0..98d59de43 100644
--- a/app/javascript/mastodon/api.js
+++ b/app/javascript/mastodon/api.js
@@ -13,10 +13,14 @@ export const getLinks = response => {
 };
 
 let csrfHeader = {};
+
 function setCSRFHeader() {
-  const csrfToken = document.querySelector('meta[name=csrf-token]').content;
-  csrfHeader['X-CSRF-Token'] = csrfToken;
+  const csrfToken = document.querySelector('meta[name=csrf-token]');
+  if (csrfToken) {
+    csrfHeader['X-CSRF-Token'] = csrfToken.content;
+  }
 }
+
 ready(setCSRFHeader);
 
 export default getState => axios.create({