diff options
Diffstat (limited to 'web/templates/settings.html')
| -rw-r--r-- | web/templates/settings.html | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/web/templates/settings.html b/web/templates/settings.html index 50569e4..0803ae3 100644 --- a/web/templates/settings.html +++ b/web/templates/settings.html @@ -3,6 +3,7 @@ <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> + <meta name="csrf-token" content="{{.CSRFToken}}"> <title>Settings - Task Dashboard</title> <script src="https://unpkg.com/htmx.org@1.9.10"></script> <style> @@ -237,19 +238,7 @@ statusEl.textContent = 'Starting registration...'; try { - const csrfMeta = document.querySelector('input[name="csrf_token"]') || document.querySelector('[name="csrf_token"]'); - let csrfToken = ''; - // Get CSRF token from the feature toggle form's hidden fields or cookie - const forms = document.querySelectorAll('form'); - for (const f of forms) { - const input = f.querySelector('input[name="csrf_token"]'); - if (input) { csrfToken = input.value; break; } - } - // Fallback: fetch from HTMX headers - if (!csrfToken) { - const resp = await fetch('/settings/passkeys'); - // Try to extract from response - } + const csrfToken = document.querySelector('meta[name="csrf-token"]').content; const beginResp = await fetch('/passkeys/register/begin', { method: 'POST', |