Commit fcf632ef authored by Mike Greiling's avatar Mike Greiling

Merge branch 'tz-remove-csrf-token-for-emojis-json' into 'master'

Removes the CSRF token if the emojis.json is on a CDN

Closes #58784

See merge request gitlab-org/gitlab-ce!25979
parents 496f9a9e a0b3f621
......@@ -3,6 +3,7 @@ import createFlash from '~/flash';
import { s__ } from '~/locale';
import emojiAliases from 'emojis/aliases.json';
import axios from '../lib/utils/axios_utils';
import csrf from '../lib/utils/csrf';
import AccessorUtilities from '../lib/utils/accessor';
......@@ -24,7 +25,14 @@ export function initEmojiMap() {
resolve(emojiMap);
} else {
// We load the JSON from server
axios
const axiosInstance = axios.create();
// If the static JSON file is on a CDN we don't want to send the default CSRF token
if (gon.asset_host) {
delete axiosInstance.defaults.headers.common[csrf.headerKey];
}
axiosInstance
.get(
`${gon.asset_host || ''}${gon.relative_url_root ||
''}/-/emojis/${EMOJI_VERSION}/emojis.json`,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment