poc/qds
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix CSRF token handling and update fetch URL for push subscription
Some checks failed
Scan for leaked secrets using Kingfisher / kingfisher-secrets-scan (push) Has been cancelled
Details

Browse Source
This commit is contained in:
dhanabalan
2026-01-31 18:04:26 +05:30
parent be2151a072
commit 4577f67d0a
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
resources/views/filament/pages/notification-settings.blade.php
View File

@@ -42,7 +42,7 @@
<script>
const vapidKey = "{{ config('webpush.vapid.public_key') }}";
// const csrfToken = "{{ csrf_token() }}";
const csrfToken = "{{ csrf_token() }}";
async function registerPush() {
if (!('serviceWorker' in navigator)) return;
@@ -57,11 +57,11 @@
applicationServerKey: vapidKey
});
await fetch('/api/push/subscribe', {
await fetch('/push/subscribe', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
// 'X-CSRF-TOKEN': csrfToken
'X-CSRF-TOKEN': csrfToken
},
body: JSON.stringify(subscription)
});