From 030a76bafc56a17ebbad1154f9b62d4500214dc8 Mon Sep 17 00:00:00 2001
From: Adam Haeger <adamgullerud@gmail.com>
Date: Tue, 28 Jan 2025 08:24:06 +0100
Subject: [PATCH] wip

---
 src/Altinn.App.Api/Controllers/HomeController.cs | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/Altinn.App.Api/Controllers/HomeController.cs b/src/Altinn.App.Api/Controllers/HomeController.cs
index d1b34489e..33cd738c7 100644
--- a/src/Altinn.App.Api/Controllers/HomeController.cs
+++ b/src/Altinn.App.Api/Controllers/HomeController.cs
@@ -74,6 +74,20 @@ public async Task<IActionResult> Index(
         [FromQuery] bool dontChooseReportee
     )
     {
+        // See comments in the configuration of Antiforgery in MvcConfiguration.cs.
+        var tokens = _antiforgery.GetAndStoreTokens(HttpContext);
+        if (tokens.RequestToken != null)
+        {
+            HttpContext.Response.Cookies.Append(
+                "XSRF-TOKEN",
+                tokens.RequestToken,
+                new CookieOptions
+                {
+                    HttpOnly = false, // Make this cookie readable by Javascript.
+                }
+            );
+        }
+
         if (await ShouldShowAppView())
         {
             ViewBag.org = org;