dandri/meshcore-bot
1
0
Fork 0
mirror of https://github.com/agessaman/meshcore-bot.git synced 2026-05-14 11:25:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: add X-Requested-With header to zombie-recover and radio-offline-clear fetch calls

Browse Source 
Both banner action buttons were posting without the required
X-Requested-With header, causing the CSRF guard to return 403.
This commit is contained in:
Stacy Olivas
2026-04-09 21:20:19 -07:00
parent d6efd7cb95
commit eb6e3fa885
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/web_viewer/templates/base.html
+2 -2
View File
@@ -488,7 +488,7 @@
btn.innerHTML = '<i class="fas fa-spinner fa-spin me-1"></i>Restarting\u2026';
fetch('/api/admin/zombie-recover', {
method: 'POST',
headers: {'Content-Type': 'application/json'}
headers: {'Content-Type': 'application/json', 'X-Requested-With': 'XMLHttpRequest'}
})
.then(function(r) { return r.json(); })
.then(function(data) {
@@ -544,7 +544,7 @@
btn.innerHTML = '<i class="fas fa-spinner fa-spin me-1"></i>Clearing\u2026';
fetch('/api/admin/radio-offline-clear', {
method: 'POST',
headers: {'Content-Type': 'application/json'}
headers: {'Content-Type': 'application/json', 'X-Requested-With': 'XMLHttpRequest'}
})
.then(function(r) { return r.json(); })
.then(function(data) {