From cd10bc23e79c68d7a017e9284f95a166ea66ea08 Mon Sep 17 00:00:00 2001
From: ArthurHoaro <arthur@hoa.ro>
Date: Tue, 1 Sep 2020 11:01:21 +0200
Subject: Export: refresh CRSF token after submit

This allow users to submit the form multiple times, because there is no actual browser redirection to the page.

Fixes #1532
---
 assets/default/js/base.js | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

(limited to 'assets/default')

diff --git a/assets/default/js/base.js b/assets/default/js/base.js
index 0f29799d..27938823 100644
--- a/assets/default/js/base.js
+++ b/assets/default/js/base.js
@@ -25,16 +25,18 @@ function findParent(element, tagName, attributes) {
 /**
  * Ajax request to refresh the CSRF token.
  */
-function refreshToken(basePath) {
-  console.log('refresh');
+function refreshToken(basePath, callback) {
   const xhr = new XMLHttpRequest();
   xhr.open('GET', `${basePath}/admin/token`);
   xhr.onload = () => {
     const elements = document.querySelectorAll('input[name="token"]');
     [...elements].forEach((element) => {
-      console.log(element);
       element.setAttribute('value', xhr.responseText);
     });
+
+    if (callback) {
+      callback(xhr.response);
+    }
   };
   xhr.send();
 }
@@ -622,4 +624,15 @@ function init(description) {
   [...autocompleteFields].forEach((autocompleteField) => {
     awesomepletes.push(createAwesompleteInstance(autocompleteField));
   });
+
+  const exportForm = document.querySelector('#exportform');
+  if (exportForm != null) {
+    exportForm.addEventListener('submit', (event) => {
+      event.preventDefault();
+
+      refreshToken(basePath, () => {
+        event.target.submit();
+      });
+    });
+  }
 })();
-- 
cgit v1.2.3