Send Rails CSRF Token with swagger-ui requests

2026-01-23 06:16:42 +00:00 · 2016-05-18 22:53:01 -07:00 · 2016-05-18 22:53:01 -07:00 · 9983261d4f
commit 9983261d4f
parent e10d8daa52
2 changed files with 16 additions and 0 deletions
--- a/app/views/swagger_rails/swagger_ui/index.html.erb
+++ b/app/views/swagger_rails/swagger_ui/index.html.erb
@ -64,6 +64,14 @@
          });

          addApiKeyAuthorization();
+
+          // Send Rails CSRF Token with every request
+          var csrfToken = new SwaggerClient.ApiKeyAuthorization(
+            'X-CSRF-Token',
+            '<%= form_authenticity_token %>',
+            'header'
+          );
+          swaggerUi.api.clientAuthorizations.add('csrf-token', csrfToken);
        },
        onFailure: function(data) {
          log("Unable to Load SwaggerUI");
--- a/lib/generators/swagger_rails/custom_ui/files/index.html.erb
+++ b/lib/generators/swagger_rails/custom_ui/files/index.html.erb
@ -64,6 +64,14 @@
          });

          addApiKeyAuthorization();
+
+          // Send Rails CSRF Token with every request
+          var csrfToken = new SwaggerClient.ApiKeyAuthorization(
+            'X-CSRF-Token',
+            '<%= form_authenticity_token %>',
+            'header'
+          );
+          swaggerUi.api.clientAuthorizations.add('csrf-token', csrfToken);
        },
        onFailure: function(data) {
          log("Unable to Load SwaggerUI");