mirrors/axios
2
0
Fork 0
mirror of https://github.com/tenrok/axios.git synced 2026-05-15 11:59:42 +03:00
Code Activity

fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)

Browse Source 
Co-authored-by: DigitalBrainJS <robotshara@gmail.com>
This commit is contained in:
Valentin Panov
2023-10-26 21:54:06 +02:00
committed by GitHub
parent 7d45ab2e2a
commit 96ee232bd3
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
test/specs/xsrf.spec.js
+2 -2
View File
@@ -67,7 +67,7 @@ describe('xsrf', function () {
});
});
it('should set xsrf header for cross origin when using withCredentials', function (done) {
it('should not set xsrf header for cross origin when using withCredentials', function (done) {
document.cookie = axios.defaults.xsrfCookieName + '=12345';
axios('http://example.com/', {
@@ -75,7 +75,7 @@ describe('xsrf', function () {
});
getAjaxRequest().then(function (request) {
expect(request.requestHeaders[axios.defaults.xsrfHeaderName]).toEqual('12345');
expect(request.requestHeaders[axios.defaults.xsrfHeaderName]).toEqual(undefined);
done();
});
});