put CSRF only for POST

2022-12-15 23:44:48 -08:00 · 2022-12-15 23:44:48 -08:00 · c83c706a32
commit c83c706a32
parent aa8ff06b6f
1 changed files with 1 additions and 1 deletions
--- a/scripts/utils.js
+++ b/scripts/utils.js
@ -54,10 +54,10 @@ export async function request (path, method, body = null, auth = true) {
 	}
 	if(method === "POST") {
 		content.body = prms.toString();
+		content.headers.CSRFPreventionToken = getCookie("CSRFPreventionToken");
 	}
 	if(auth) {
 		content.headers.Cookie = document.cookie;
-		content.headers.CSRFPreventionToken = getCookie("CSRFPreventionToken");
 	}

 	let response = await fetch(`https://pve.tronnet.net/api2/json${path}`, content)