Require CSRF token

2022-08-19 22:16:13 +00:00 · 2022-08-19 22:16:13 +00:00 · 36c9b0f79d
parent af49dbb933
commit 36c9b0f79d
2 changed files with 5 additions and 8 deletions
--- a/lib/Controller/ApiController.php
+++ b/lib/Controller/ApiController.php
@ -66,7 +66,6 @@ class ApiController extends Controller {

 	/**
 	 * @NoAdminRequired
-	 * @NoCSRFRequired
 	 *
 	 * @return JSONResponse
 	 */
@ -82,7 +81,6 @@ class ApiController extends Controller {

 	/**
 	 * @NoAdminRequired
-	 * @NoCSRFRequired
 	 *
 	 * @return JSONResponse
 	 */
@ -123,7 +121,6 @@ class ApiController extends Controller {

 	/**
 	 * @NoAdminRequired
-	 * @NoCSRFRequired
 	 *
 	 * @return JSONResponse
 	 */
@ -169,7 +166,6 @@ class ApiController extends Controller {

 	/**
 	 * @NoAdminRequired
-	 * @NoCSRFRequired
 	 *
 	 * @return JSONResponse
 	 */
--- a/src/components/Timeline.vue
+++ b/src/components/Timeline.vue
@ -74,6 +74,7 @@
 <script>

 import * as dav from "../services/DavRequests";
+import axios from '@nextcloud/axios'

 export default {
    data() {
@ -322,8 +323,8 @@ export default {
            }

            const startState = this.state;
-            const res = await fetch(url);
-            const data = await res.json();
+            const res = await axios.get(url);
+            const data = res.data;
            if (this.state !== startState) return;

            this.days = data;
@ -427,8 +428,8 @@ export default {
            let data = [];
            try {
                const startState = this.state;
-                const res = await fetch(url);
-                data = await res.json();
+                const res = await axios.get(url);
+                const data = res.data;
                if (this.state !== startState) return;

                this.days.find(d => d.day_id === dayId).detail = data;