honeymoose
/
angular-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(xsrf): overwrite already set xsrf header

This commit is contained in:
Barna Tóth 2016-08-19 09:07:48 +02:00 committed by vsavkin
parent 178fb79b5c
commit b4265e0685
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/@angular/http/src/backends/xhr_backend.ts
View File

@ -187,7 +187,7 @@ export class CookieXSRFStrategy implements XSRFStrategy {
configureRequest(req: Request) {
let xsrfToken = __platform_browser_private__.getDOM().getCookie(this._cookieName);
if (xsrfToken && !req.headers.has(this._headerName)) {
if (xsrfToken) {
req.headers.set(this._headerName, xsrfToken);
}
}

4
modules/@angular/http/test/backends/xhr_backend_spec.ts
View File

@ -124,11 +124,11 @@ export function main() {
backend.createConnection(sampleRequest);
expect(sampleRequest.headers.get('X-XSRF-TOKEN')).toBe('magic XSRF value');
});
it('respects existing headers', () => {
it('should allow overwriting of existing headers', () => {
getDOM().setCookie('XSRF-TOKEN', 'magic XSRF value');
sampleRequest.headers.set('X-XSRF-TOKEN', 'already set');
backend.createConnection(sampleRequest);
expect(sampleRequest.headers.get('X-XSRF-TOKEN')).toBe('already set');
expect(sampleRequest.headers.get('X-XSRF-TOKEN')).toBe('magic XSRF value');
});
describe('configuration', () => {