POST calls failing due to CXRF 97/104797/1
authorstatta <statta@research.att.com>
Tue, 31 Mar 2020 19:36:48 +0000 (15:36 -0400)
committerstatta <statta@research.att.com>
Tue, 31 Mar 2020 19:38:26 +0000 (15:38 -0400)
Issue-ID: PORTAL-870
Change-Id: Ia3fe5b27278d029a96a3e20ec62cfecb1b92a52b
Signed-off-by: statta <statta@research.att.com>
portal-FE-os/src/app/shared/interceptors/header-interceptor.ts
portal-FE-os/src/app/shared/utils/utils.js

index bb76e14..10a3f95 100644 (file)
@@ -46,17 +46,22 @@ import {
 import { Observable } from 'rxjs';
 import { v4 as uuid } from 'uuid';
 import { Injectable } from '@angular/core';
-declare const getWebJunctionXSRFToken: any;
+declare const getXSRFToken: any;
 
 @Injectable()
 export class HeaderInterceptor implements HttpInterceptor {
     intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
         // Clone the request to add the new header
         // HttpHeader object immutable - copy values
+        var XSRFToken = getXSRFToken();
         const headerSettings: { [name: string]: string | string[]; } = {};
         headerSettings['X-ECOMP-RequestID'] = uuid();
         const requestType = req.params.get('requestType');
        
+       
+        if (XSRFToken && XSRFToken.name && XSRFToken.value)
+            headerSettings['X-XSRF-TOKEN'] = XSRFToken.value;
+       
         if(requestType!=null && requestType==='fileUpload'){
           //headerSettings['Content-Type'] = 'multipart/form-data';
         }else if(requestType!=null && requestType==='downloadWidgetFile'){
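Review bot: The added `X-XSRF-TOKEN` assignment runs for every request that reaches `intercept`, with no check on method or destination, so a call to an absolute URL on another origin would carry the anti-CSRF token to that host. Angular's built-in XSRF interceptor skips absolute URLs and GET/HEAD requests for this reason; a comparable guard here would be `const sameOrigin = new URL(req.url, window.location.origin).origin === window.location.origin;` followed by `if (sameOrigin && XSRFToken && XSRFToken.value)`. The `XSRFToken.name` test is redundant because `getXSRFToken()` fills the name whenever it returns an object. The `var` and the `any` declaration could become `const` and a typed `declare function getXSRFToken(): { name: string; value: string } | null;`. The body of `intercept` continues past the end of the hunk, so how `headerSettings` is finally applied to the cloned request is not visible here.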
index 3c99f4a..95d4c68 100644 (file)
@@ -1,3 +1,23 @@
+function getXSRFToken() {      
+       var cookies = getCookies();
+       var XSRFToken = {
+                       name:'',
+                       value:''
+       };
+       //var contextRoot = getContextRoot();
+       var hasXSRFToken = false;
+       for(var name in cookies) {
+               if(name == "XSRF-TOKEN") {
+                       XSRFToken.name = name;
+                       XSRFToken.value = cookies[name];
+                       hasXSRFToken = true;
+               }
+       }
+       
+       return (hasXSRFToken==false)?null:XSRFToken;
+}
+
+
 function getCookies() {
     var cookies = { };
     if (document.cookie && document.cookie != '') {
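Review bot: `getXSRFToken` walks every cookie with `for ... in` and a `hasXSRFToken` flag where a direct lookup would do, and the loop has no own-property check, so an enumerable key inherited from `Object.prototype` would be treated as a cookie. The body could shrink to `var value = Object.prototype.hasOwnProperty.call(cookies, 'XSRF-TOKEN') ? cookies['XSRF-TOKEN'] : '';` and `return value ? { name: 'XSRF-TOKEN', value: value } : null;`, which also returns null for an empty cookie value instead of an object with an empty string. The commented-out `//var contextRoot = getContextRoot();` line should be dropped. A short header comment would help: the function returns the `XSRF-TOKEN` cookie as `{name, value}` or null, and because it reads through `document.cookie` the server must issue that cookie without HttpOnly. The hunk ends inside `getCookies`, so whether cookie names and values are trimmed or decoded there cannot be checked from here.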