diff options
Diffstat (limited to 'resources')
| -rw-r--r-- | resources/assets/js/vendor.js | 4 | ||||
| -rw-r--r-- | resources/views/errors/419.twig | 7 | ||||
| -rw-r--r-- | resources/views/layouts/app.twig | 1 |
3 files changed, 12 insertions, 0 deletions
diff --git a/resources/assets/js/vendor.js b/resources/assets/js/vendor.js index dd6b66b3..f9cddad6 100644 --- a/resources/assets/js/vendor.js +++ b/resources/assets/js/vendor.js @@ -14,3 +14,7 @@ require('./moment-countdown'); $(function () { moment.locale($('html').attr('lang')); }); + +$.ajaxSetup({ + headers: {'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')} +}); diff --git a/resources/views/errors/419.twig b/resources/views/errors/419.twig new file mode 100644 index 00000000..dcfec022 --- /dev/null +++ b/resources/views/errors/419.twig @@ -0,0 +1,7 @@ +{% extends "errors/default.twig" %} + +{% block title %}{{ __("Authentication expired") }}{% endblock %} + +{% block content %} + <div class="alert alert-warning">{{ __("The provided CSRF token is invalid or has expired") }}</div> +{% endblock %} diff --git a/resources/views/layouts/app.twig b/resources/views/layouts/app.twig index fcbcc665..dc02e3ed 100644 --- a/resources/views/layouts/app.twig +++ b/resources/views/layouts/app.twig @@ -7,6 +7,7 @@ <meta charset="UTF-8"/> <meta name="viewport" content="width=device-width, initial-scale=1"> + <meta name="csrf-token" content="{{ csrf_token() }}"> <link rel="stylesheet" type="text/css" href="{{ asset('assets/theme' ~ theme ~ '.css') }}"/> <script type="text/javascript" src="{{ asset('assets/vendor.js') }}"></script> |