fix settings page csrf

2025-06-02 11:46:42 +02:00
parent 11745f2eb8
commit 75127394c7
9 changed files with 250 additions and 231 deletions
--- a/templates/settings/tabs/mails.html
+++ b/templates/settings/tabs/mails.html
@@ -173,7 +173,12 @@

 <script>
 function viewMailDetails(mailId) {
-    fetch(`/settings/mails/${mailId}`)
+    const csrfToken = document.querySelector('meta[name="csrf-token"]').content;
+    fetch(`/settings/mails/${mailId}`, {
+        headers: {
+            'X-CSRF-Token': csrfToken
+        }
+    })
        .then(response => response.json())
        .then(mail => {
            document.getElementById('modalSubject').textContent = mail.subject;