put CSRF only for POST

This commit is contained in:
Arthur Lu 2022-12-15 23:44:48 -08:00
parent c62f583dd4
commit 9dc6b6d588

View File

@ -54,10 +54,10 @@ export async function request (path, method, body = null, auth = true) {
}
if(method === "POST") {
content.body = prms.toString();
content.headers.CSRFPreventionToken = getCookie("CSRFPreventionToken");
}
if(auth) {
content.headers.Cookie = document.cookie;
content.headers.CSRFPreventionToken = getCookie("CSRFPreventionToken");
}
let response = await fetch(`https://pve.tronnet.net/api2/json${path}`, content)