Skip to content

Commit

Permalink
Fix Markdown preview
Browse files Browse the repository at this point in the history
  • Loading branch information
@thomiceli
thomiceli committed Nov 1, 2024
1 parent 97b9fa1 commit 825e031
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 9 deletions.
15 changes: 7 additions & 8 deletions internal/web/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -245,14 +245,13 @@ func NewServer(isDev bool, sessionsPath string) *Server {
// Web based routes
g1 := e.Group("")
{
if !dev {
g1.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
TokenLookup: "form:_csrf,header:X-CSRF-Token",
CookiePath: "/",
CookieHTTPOnly: true,
CookieSameSite: http.SameSiteStrictMode,
}))
}
g1.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
TokenLookup: "form:_csrf,header:X-CSRF-Token",
CookiePath: "/",
CookieHTTPOnly: true,
CookieSameSite: http.SameSiteStrictMode,
}))

g1.Use(csrfInit)
g1.GET("/", create, logged)
g1.POST("/", processCreate, logged)
Expand Down
6 changes: 5 additions & 1 deletion public/editor.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,10 +73,14 @@ document.addEventListener("DOMContentLoaded", () => {
} else {
const formData = new FormData();
formData.append('content', editor.state.doc.toString());
let csrf = document.querySelector<HTMLInputElement>('form#create input[name="_csrf"]').value
fetch(`${baseUrl}/preview`, {
method: 'POST',
credentials: 'same-origin',
body: formData
body: formData,
headers: {
'X-CSRF-Token': csrf
}
}).then(r => r.text()).then(r => {
let divpreview = dom.querySelector("div.preview") as HTMLElement;
divpreview!.innerHTML = r;
Expand Down

0 comments on commit 825e031

Please sign in to comment.