w1cdn/spothole
1
0
Fork 0
mirror of https://git.ianrenton.com/ian/spothole.git synced 2026-06-24 13:45:11 +00:00
Code Issues 13 Packages Projects Releases Wiki Activity

Move user credentials into HTTP request headers to prevent them being logged in the server logs

Browse Source
This commit is contained in:
Ian Renton
2026-06-20 10:15:35 +01:00
parent ae17839096
commit e08a183d1b
13 changed files with 58 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
webassets/js/alerts.js
View File

@@ -6,7 +6,7 @@ let alerts = [];
// Load alerts and populate the table.
function loadAlerts() {
$.getJSON('/api/v2/alerts' + buildQueryString(false), function (jsonData) {
$.ajax({url: '/api/v2/alerts' + buildQueryString(), dataType: 'json', headers: getCredentialHeaders(), success: function (jsonData) {
// Store last updated time
lastUpdateTime = moment.utc();
updateRefreshDisplay();
@@ -14,11 +14,11 @@ function loadAlerts() {
alerts = jsonData;
// Update table
updateTable();
});
}});
}
// Build a query string for the API, based on the filters that the user has selected.
function buildQueryString(includeCredentials) {
function buildQueryString() {
let str = "?";
["dx_continent", "source"].forEach(fn => {
if (!allFilterOptionsSelected(fn)) {
@@ -33,9 +33,6 @@ function buildQueryString(includeCredentials) {
if ($("#dxpeditions_skip_max_duration_check")[0].checked) {
str = str + "&dxpeditions_skip_max_duration_check=true";
}
if (includeCredentials) {
str = str + getCredentialQueryString();
}
return str;
}