add CSRF protection for AJAX requests

2025-07-17 09:58:55 +04:00
parent 8c5737cb28
commit 86663fd27c
2 changed files with 13 additions and 1 deletions
@@ -167,11 +167,17 @@ document.addEventListener('DOMContentLoaded', function() {
                url += `&category=${categoryId}`;
            }
            
+            // Préparer les données avec token CSRF
+            const formData = new FormData();
+            formData.append('csrf_token', document.querySelector('meta[name="csrf-token"]').getAttribute('content'));
+            
            // Faire la requête AJAX
            fetch(url, {
+                method: 'POST',
                headers: {
                    'X-Requested-With': 'XMLHttpRequest'
-                }
+                },
+                body: formData
            })
            .then(response => response.json())
            .then(data => {