From 61eba797702fee380e8f89b525bb8dbc3428e8d5 Mon Sep 17 00:00:00 2001 From: Tony Yang Date: Sat, 1 Jun 2019 01:12:36 +0800 Subject: [PATCH] fixed csrf token didn't work in admin panel --- include/js/security.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/js/security.js b/include/js/security.js index 5062a5c..3f87102 100644 --- a/include/js/security.js +++ b/include/js/security.js @@ -3,7 +3,7 @@ axios.defaults.withCredentials = true; axios.interceptors.request.use(function (config) { var crypto = window.crypto || window.msCrypto; let csrfToken = btoa(String(crypto.getRandomValues(new Uint32Array(1))[0])); - document.cookie = `${axios.defaults.xsrfCookieName}=${csrfToken}`; + document.cookie = `${axios.defaults.xsrfCookieName}=${csrfToken}; max-age=10; path=/`; return config; }, function (error) { return Promise.reject(error);