poc/qds
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix CSRF token handling and update fetch URL for push subscription
Some checks failed
Scan for leaked secrets using Kingfisher / kingfisher-secrets-scan (push) Has been cancelled
Details

Browse Source
This commit is contained in:
dhanabalan
2026-01-31 18:04:26 +05:30
parent be2151a072
commit 4577f67d0a
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
resources/views/filament/pages/notification-settings.blade.php
View File

@@ -42,7 +42,7 @@
<script> <script>
const vapidKey = "{{ config('webpush.vapid.public_key') }}"; const vapidKey = "{{ config('webpush.vapid.public_key') }}";
// const csrfToken = "{{ csrf_token() }}"; const csrfToken = "{{ csrf_token() }}";
async function registerPush() { async function registerPush() {
if (!('serviceWorker' in navigator)) return; if (!('serviceWorker' in navigator)) return;
@@ -57,11 +57,11 @@
applicationServerKey: vapidKey applicationServerKey: vapidKey
}); });
await fetch('/api/push/subscribe', { await fetch('/push/subscribe', {
method: 'POST', method: 'POST',
headers: { headers: {
'Content-Type': 'application/json', 'Content-Type': 'application/json',
// 'X-CSRF-TOKEN': csrfToken 'X-CSRF-TOKEN': csrfToken
}, },
body: JSON.stringify(subscription) body: JSON.stringify(subscription)
}); });