Extend prepared headers for form submission

sorenmalling · December 15, 2021, 10:02am

Hi,

With the form submission and turbo frame, I can see that Turbo automatically adds a header named X-CSRF-Token. In my backend of choice, the CSRF token header is expected to be X-Flow-Csrftoken.

Is it somehow/how is it possible to hook in, and “extend” these prepared headers, and add/replace the CSRF token header, that is needed in this scenario?

Relevant code from the repository, preparing the header: turbo/form_submission.ts at b419c0de0b82025b1c7ba644efcb12c57c23d05d · hotwired/turbo · GitHub

tleish · December 15, 2021, 7:00pm

Would this work:

document.addEventListener("turbo:before-fetch-request", ({ detail: { fetchOptions }) => 
  fetchOptions.headers["X-Flow-Csrftoken"] = "???"
))

sorenmalling · December 20, 2021, 11:18am

Yes, lovely! Thank you @tleish

Topic		Replies	Views
Form submission without a `text/vnd.turbo-stream.html` Accept header?	3	1124	October 17, 2023
Turbo-frame won't update after a form submission	3	1992	September 10, 2021
Invalid CSRF token because user logging is using turbo_streams	4	635	March 6, 2023
Turbo and form redirects (again!)	3	1652	October 15, 2021
Form POST request method not working	1	321	October 30, 2023

Extend prepared headers for form submission

Related Topics