poc/qds
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'Remove unused CSRF token in push notification registration script' (#161) from ranjith-dev into master
Some checks failed
Scan for leaked secrets using Kingfisher / kingfisher-secrets-scan (push) Has been cancelled
Details

Browse Source 
Reviewed-on: #161
This commit was merged in pull request #161.
This commit is contained in:
jothi
2026-01-31 12:29:23 +00:00
parent b6478b5feb 93d55765ae
commit 2eaf01bec8
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
resources/views/filament/pages/notification-settings.blade.php
View File

@@ -42,7 +42,7 @@
<script>
const vapidKey = "{{ config('webpush.vapid.public_key') }}";
const csrfToken = "{{ csrf_token() }}";
// const csrfToken = "{{ csrf_token() }}";
async function registerPush() {
if (!('serviceWorker' in navigator)) return;
@@ -57,15 +57,14 @@
applicationServerKey: vapidKey
});
await fetch('/push/subscribe', {
await fetch('api/push/subscribe', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-CSRF-TOKEN': csrfToken
// 'X-CSRF-TOKEN': csrfToken
},
body: JSON.stringify(subscription)
});
alert("Push notifications enabled ✅");
}
</script>