Harden security: enable CSP, add SRI, and externalize inline scripts

Ryan
2025-04-26 02:28:02 -04:00
committed by GitHub
parent 0645a3712a
commit 6d9715169c
5 changed files with 97 additions and 49 deletions


@@ -437,12 +437,26 @@ function initAuth() {
submitLogin(formData);
});
}
document.getElementById("logoutBtn").addEventListener("click", function () {
fetch("/api/auth/logout.php", {
method: "POST",
credentials: "include",
headers: { "X-CSRF-Token": window.csrfToken }
}).then(() => window.location.reload(true)).catch(() => { });
// handle ?logout=1 query
const params = new URLSearchParams(window.location.search);
if (params.get('logout') === '1') {
localStorage.removeItem("username");
localStorage.removeItem("userTOTPEnabled");
}
// attach logout button listener
document.addEventListener('DOMContentLoaded', () => {
const btn = document.getElementById('logoutBtn');
if (!btn) return;
btn.addEventListener('click', () => {
fetch('/api/auth/logout.php', {
method: 'POST',
credentials: 'include',
headers: { 'X-CSRF-Token': window.csrfToken }
})
.then(() => window.location.reload(true))
.catch(() => { });
});
});
document.getElementById("addUserBtn").addEventListener("click", function () {
resetUserForm();