csrf testing

aws-deepracer-community · Jan 21, 2025 · e543c59 · e543c59
1 parent 585c78d
commit e543c59
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/new/index.html b/new/index.html
@@ -3,6 +3,7 @@
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta name="csrf-token" content="{{ csrf_token() }}" />
     <link rel="icon" href="/static/images/deepracer.png" />
     <meta
       name="theme-color"

diff --git a/new/src/pages/models.tsx b/new/src/pages/models.tsx
@@ -65,6 +65,11 @@ class Models extends React.Component<{}, State> {
     });
   };
 
+  getCsrfToken = () => {
+    // Example: Get CSRF token from a meta tag
+    return document.querySelector('meta[name="csrf-token"]').getAttribute('content');
+  };
+
   handleFileUpload = async (event: React.ChangeEvent<HTMLInputElement>) => {
     const file = event.target.files?.[0];
     if (!file) return;
@@ -96,10 +101,12 @@ class Models extends React.Component<{}, State> {
       formData.append("file", file);
 
       try {
+        const csrfToken = this.getCsrfToken();
         const uploadResponse = await axios.put("/api/uploadModels", formData, {
           headers: {
             'Content-Disposition': `form-data; name="file"; filename="${file.name}"`,
-            'Content-Type': 'application/x-gzip'
+            'Content-Type': 'application/x-gzip',
+            'X-CSRF-Token': csrfToken
           }
         });
         if (uploadResponse.data.success) {