From 9650d27490980e829e33a4d1704668b7d3c71782 Mon Sep 17 00:00:00 2001
From: Paulo Gustavo Veiga
Date: Mon, 21 Feb 2022 05:45:10 -0800
Subject: [PATCH] Add CSRF to load
---
 packages/mindplot/src/components/LocalStorageManager.ts | 2 +-
 packages/mindplot/src/components/PersistenceManager.ts | 4 ++++
 packages/mindplot/src/components/RestPersistenceManager.ts | 4 ----
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/packages/mindplot/src/components/LocalStorageManager.ts b/packages/mindplot/src/components/LocalStorageManager.ts
index 49c2dd79..6c266e56 100644
--- a/packages/mindplot/src/components/LocalStorageManager.ts
+++ b/packages/mindplot/src/components/LocalStorageManager.ts
@@ -43,7 +43,7 @@ class LocalStorageManager extends PersistenceManager {
 if (xml == null || this.forceLoad) {
 $.ajax({
 url: this.documentUrl.replace('{id}', mapId),
- headers: { 'Content-Type': 'text/plain', Accept: 'application/xml' },
+ headers: { 'Content-Type': 'text/plain', Accept: 'application/xml', 'X-CSRF-Token': this.getCSRFToken() },
 type: 'get',
 dataType: 'text',
 async: false,
diff --git a/packages/mindplot/src/components/PersistenceManager.ts b/packages/mindplot/src/components/PersistenceManager.ts
index c235ec01..ef7b2aee 100644
--- a/packages/mindplot/src/components/PersistenceManager.ts
+++ b/packages/mindplot/src/components/PersistenceManager.ts
@@ -52,6 +52,10 @@ abstract class PersistenceManager {
 }
 }
 
+ protected getCSRFToken(): string {
+ return document.head.querySelector('meta[name="_csrf"]').getAttribute('content');
+ }
+
 load(mapId: string) {
 $assert(mapId, 'mapId can not be null');
 const domDocument = this.loadMapDom(mapId);
diff --git a/packages/mindplot/src/components/RestPersistenceManager.ts b/packages/mindplot/src/components/RestPersistenceManager.ts
index d97da659..bcf0e0e6 100644
--- a/packages/mindplot/src/components/RestPersistenceManager.ts
+++ b/packages/mindplot/src/components/RestPersistenceManager.ts
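Review bot: The `X-CSRF-Token` header added in the LocalStorageManager.ts hunk is sent to whatever `this.documentUrl` resolves to, and nothing visible here restricts that URL to the application's own origin. `documentUrl` is set outside this hunk; if it can ever be an absolute URL on another host, the session's CSRF token would be disclosed to that host on each load that reaches this `$.ajax` call. I would add the header only after a same-origin check on the resolved URL, or at minimum record the assumption next to the call, e.g. `// documentUrl must be same-origin: the CSRF token is sent with this request`. The enclosing method and the `$.ajax` call start and end outside the hunk.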
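Review bot: `getCSRFToken()` in the PersistenceManager.ts hunk dereferences the result of `querySelector` without a null check, so a page with no `<meta name="_csrf">` tag throws a TypeError. After this commit that failure is reachable from `LocalStorageManager` loads as well as from the REST manager. `getAttribute` can also return `null`, which the declared `string` return type hides. I would resolve the value once with `const token = document.head.querySelector('meta[name="_csrf"]')?.getAttribute('content');` and then fail explicitly with `if (!token) throw new Error('CSRF meta tag "_csrf" is missing');`. If pages without a token are expected to load maps, the caller should omit the header rather than throw.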
@@ -159,10 +159,6 @@ class RESTPersistenceManager extends PersistenceManager {
 return { severity, message };
 }
 
- private getCSRFToken(): string {
- return document.head.querySelector('meta[name="_csrf"]').getAttribute('content');
- }
-
 loadMapDom(mapId: string): Document {
 let xml: Document;
 $.ajax({