From 030a76bafc56a17ebbad1154f9b62d4500214dc8 Mon Sep 17 00:00:00 2001 From: Adam Haeger <adamgullerud@gmail.com> Date: Tue, 28 Jan 2025 08:24:06 +0100 Subject: [PATCH] wip --- src/Altinn.App.Api/Controllers/HomeController.cs | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/Altinn.App.Api/Controllers/HomeController.cs b/src/Altinn.App.Api/Controllers/HomeController.cs index d1b34489e..33cd738c7 100644 --- a/src/Altinn.App.Api/Controllers/HomeController.cs +++ b/src/Altinn.App.Api/Controllers/HomeController.cs @@ -74,6 +74,20 @@ public async Task<IActionResult> Index( [FromQuery] bool dontChooseReportee ) { + // See comments in the configuration of Antiforgery in MvcConfiguration.cs. + var tokens = _antiforgery.GetAndStoreTokens(HttpContext); + if (tokens.RequestToken != null) + { + HttpContext.Response.Cookies.Append( + "XSRF-TOKEN", + tokens.RequestToken, + new CookieOptions + { + HttpOnly = false, // Make this cookie readable by Javascript. + } + ); + } + if (await ShouldShowAppView()) { ViewBag.org = org;