angular security course

Your Name · Your Name · commit 13a035aa66e4 · 2017-08-18T15:18:29.000+02:00
diff --git a/csrf/csrf-page.html b/csrf/csrf-page.html
@@ -15,6 +15,7 @@ <h1>GOTCHA!!!</h1>
 
 <script>
 
+    document.cookie = 'XSRF-TOKEN=12233';
 
     setTimeout(function() {
         document.getElementById("csrf-form").submit();
diff --git a/server/csrf.middleware.ts b/server/csrf.middleware.ts
@@ -11,8 +11,6 @@ export function checkCsrfToken(req: Request,  res: Response,  next: NextFunction
 
     const csrfHeader = req.headers['x-xsrf-token'];
 
-    const sessionToken = req.cookies["SESSIONID"];
-
     if (csrfCookie && csrfHeader && csrfCookie === csrfHeader) {
         next();
     }

Original file line number	Diff line number	Diff line change
`@@ -11,8 +11,6 @@ export function checkCsrfToken(req: Request, res: Response, next: NextFunction`
`11`	`11`
`12`	`12`	`const csrfHeader = req.headers['x-xsrf-token'];`
`13`	`13`
`14`		`- const sessionToken = req.cookies["SESSIONID"];`
`15`		`-`
`16`	`14`	`if (csrfCookie && csrfHeader && csrfCookie === csrfHeader) {`
`17`	`15`	`next();`
`18`	`16`	`}`