diff --git a/app/app.js b/app/app.js index a9d2e068f..28219cba3 100644 --- a/app/app.js +++ b/app/app.js @@ -26,7 +26,7 @@ angular.module('dockerui', [ .config(['$routeProvider', '$httpProvider', function ($routeProvider, $httpProvider) { 'use strict'; - $httpProvider.defaults.xsrfCookieName = '_gorilla_csrf'; + $httpProvider.defaults.xsrfCookieName = 'csrfToken'; $httpProvider.defaults.xsrfHeaderName = 'X-CSRF-Token'; $routeProvider.when('/', { @@ -83,13 +83,11 @@ angular.module('dockerui', [ time: 10000 }); } - console.log('response', response); + var csrfToken = response.headers('X-Csrf-Token'); + if (csrfToken) { + document.cookie = 'csrfToken=' + csrfToken; + } return response; - }, - request: function(config) { - console.log(document.cookie); - console.log('request', config); - return config; } }; }); diff --git a/dockerui.go b/dockerui.go index 3cd5abbdf..5cff5c8e7 100644 --- a/dockerui.go +++ b/dockerui.go @@ -93,22 +93,13 @@ func createHandler(dir string, e string) http.Handler { mux.Handle("/dockerapi/", http.StripPrefix("/dockerapi", h)) mux.Handle("/", fileHandler) - return logWrapper(CSRF(mux)) + return CSRF(csrfWrapper(mux)) } -func logWrapper(h http.Handler) http.Handler { +func csrfWrapper(h http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - log.Println("Request starting: " + r.URL.Path) - c, err := r.Cookie ("_gorilla_csrf") - if err != nil { - log.Println("Unable to find session cookie _gorilla_csrf") - h.ServeHTTP(w, r) - } else { - log.Println("Cookie:" + c.Value) - log.Println("Header:" + r.Header.Get("X-CSRF-Token")) - h.ServeHTTP(w, r) - log.Println("Request ending") - } + w.Header().Set("X-CSRF-Token", csrf.Token(r)) + h.ServeHTTP(w, r) }) }