From: Hinaloe <hina@hinaloe.net>
Date: Tue, 26 Mar 2019 10:13:20 +0000 (+0900)
Subject: Do not set CSRF Token when no csrf header (#10383)
X-Git-Url: https://git.xn--scling-oua.cat.family/?a=commitdiff_plain;h=68f2211f00dfa3f823ad780ed748c1af0078a0cf;p=mastodon.git

Do not set CSRF Token when no csrf header (#10383)
---

diff --git a/app/javascript/mastodon/api.js b/app/javascript/mastodon/api.js
index 4be3eadb0..98d59de43 100644
--- a/app/javascript/mastodon/api.js
+++ b/app/javascript/mastodon/api.js
@@ -13,10 +13,14 @@ export const getLinks = response => {
 };
 
 let csrfHeader = {};
+
 function setCSRFHeader() {
-  const csrfToken = document.querySelector('meta[name=csrf-token]').content;
-  csrfHeader['X-CSRF-Token'] = csrfToken;
+  const csrfToken = document.querySelector('meta[name=csrf-token]');
+  if (csrfToken) {
+    csrfHeader['X-CSRF-Token'] = csrfToken.content;
+  }
 }
+
 ready(setCSRFHeader);
 
 export default getState => axios.create({